[Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-11958/re2c

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ced78cf2 by Salvatore Bonaccorso at 2020-04-22T06:39:43+02:00
Update information on CVE-2020-11958/re2c

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -186,7 +186,9 @@ CVE-2020-11958 (re2c 1.3 has a heap-based buffer overflow in Scanner::fill in pa
 	[stretch] - re2c <not-affected> (Vulnerability introduced later)
 	[jessie] - re2c <not-affected> (Vulnerability introduced later)
 	NOTE: http://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc/
-	NOTE: Introduced in: https://github.com/skvadrik/re2c/commit/2f3e597abce36fb7f41413373308b7f13fc98181 (1.2)
+	NOTE: Logical error introduced in: https://github.com/skvadrik/re2c/commit/2f3e597abce36fb7f41413373308b7f13fc98181 (1.2)
+	NOTE: Vulnerability introduced in: https://github.com/skvadrik/re2c/commit/1edd26a35457c5835afd58b8fa8330d33e7a1192 (1.2)
+	NOTE: https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a#commitcomment-38652070
 	NOTE: Fixed by: https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a
 CVE-2020-11957
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ced78cf2841470395ab15ef00aca8b4b3011450f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ced78cf2841470395ab15ef00aca8b4b3011450f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200422/32836464/attachment.html>