[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-24242/nasm
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 25 22:24:48 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7dee80d1 by Salvatore Bonaccorso at 2020-08-25T23:23:28+02:00
Add CVE-2020-24242/nasm
- - - - -
922ceac6 by Salvatore Bonaccorso at 2020-08-25T23:24:23+02:00
Add CVE-2020-24241/nasm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -803,9 +803,14 @@ CVE-2020-24244
CVE-2020-24243
RESERVED
CVE-2020-24242 (In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ...)
- TODO: check
+ - nasm <unfixed>
+ NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392708
+ NOTE: https://github.com/netwide-assembler/nasm/commit/6299a3114ce0f3acd55d07de201a8ca2f0a83059
CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in ...)
- TODO: check
+ - nasm <unfixed>
+ NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392707
+ NOTE: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
+ NOTE: https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c
CVE-2020-24240 (GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attack ...)
- bison <unfixed> (unimportant)
NOTE: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d (v3.7.1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94de9b73f927bccabc173c6f28f36f21b82fac63...922ceac6a01daa203db8ebf11453be1042e34758
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94de9b73f927bccabc173c6f28f36f21b82fac63...922ceac6a01daa203db8ebf11453be1042e34758
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200825/4fd87a2d/attachment.html>
More information about the debian-security-tracker-commits
mailing list