[Git][security-tracker-team/security-tracker][master] AddCVE-2018-21232/re2c
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 29 21:41:41 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0f5b2978 by Salvatore Bonaccorso at 2020-04-29T22:39:28+02:00
AddCVE-2018-21232/re2c
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -373,7 +373,11 @@ CVE-2020-12287
CVE-2019-20791 (OpenThread before 2019-12-13 has a stack-based buffer overflow in Mesh ...)
TODO: check
CVE-2018-21232 (re2c before 2.0 has uncontrolled recursion that causes stack consumpti ...)
- TODO: check
+ - re2c <unfixed>
+ [buster] - re2c <no-dsa> (Minor issue)
+ [stretch] - re2c <no-dsa> (Minor issue)
+ NOTE: https://github.com/skvadrik/re2c/issues/219
+ NOTE: https://www.openwall.com/lists/oss-security/2020/04/27/2
CVE-2020-12286 (In Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, the Task ...)
NOT-FOR-US: Octopus Deploy
CVE-2020-12285
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f5b2978a369bc2cb8e2b3e3fa0cc7ec7c7a82b0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f5b2978a369bc2cb8e2b3e3fa0cc7ec7c7a82b0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200429/064fa760/attachment.html>
More information about the debian-security-tracker-commits
mailing list