[Git][security-tracker-team/security-tracker][master] nasm: Active git repository moved to GitHub

Salvatore Bonaccorso carnil at debian.org
Tue Aug 25 22:31:44 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c9ae5556 by Salvatore Bonaccorso at 2020-08-25T23:31:05+02:00
nasm: Active git repository moved to GitHub

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -112763,7 +112763,7 @@ CVE-2018-19756 (There is a heap-based buffer over-read at stb_image.h (function:
 CVE-2018-19755 (There is an illegal address access at asm/preproc.c (function: is_mmac ...)
 	- nasm <unfixed> (unimportant; bug #915087)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392528
-	NOTE: https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
+	NOTE: https://github.com/netwide-assembler/nasm/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
 	NOTE: Crash in CLI tool, no security impact
 CVE-2018-19754 (Tarantella Enterprise before 3.11 allows bypassing Access Control. ...)
 	NOT-FOR-US: Tarantella Enterprise
@@ -117328,17 +117328,17 @@ CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <ignored> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392425
-	NOTE: Fix: https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
+	NOTE: Fix: https://github.com/netwide-assembler/nasm/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1115758#c7
 CVE-2018-19215 (Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in ...)
 	- nasm 2.14-1 (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392525
-	NOTE: https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
+	NOTE: https://github.com/netwide-assembler/nasm/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
 	NOTE: No security impact, crash in CLI tool
 CVE-2018-19214 (Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in ...)
 	- nasm 2.14-1 (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392521
-	NOTE: https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354
+	NOTE: https://github.com/netwide-assembler/nasm/commit/661f723d39e03ca6eb05d7376a43ca33db478354
 	NOTE: No security impact, crash in CLI tool
 CVE-2018-19213 (Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ...)
 	- nasm <unfixed> (unimportant)
@@ -144947,7 +144947,7 @@ CVE-2018-8881 (Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <ignored> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392446
-	NOTE: https://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
+	NOTE: https://github.com/netwide-assembler/nasm/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
 CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check ...)
 	NOT-FOR-US: Lutron Quantum BACnet Integration
 CVE-2018-8879 (Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS device ...)
@@ -160735,7 +160735,7 @@ CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
-	NOTE: https://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
+	NOTE: https://github.com/netwide-assembler/nasm/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
 CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
 	- nasm 2.13.02-0.1
 	[stretch] - nasm <no-dsa> (Minor issue)
@@ -160759,7 +160759,7 @@ CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: https://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
+	NOTE: https://github.com/netwide-assembler/nasm/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_d ...)
 	- nasm 2.13.02-0.1
@@ -160778,7 +160778,7 @@ CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffe
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: https://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
+	NOTE: https://github.com/netwide-assembler/nasm/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
 	- nasm 2.13.02-0.1
@@ -160791,7 +160791,7 @@ CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: https://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
+	NOTE: https://github.com/netwide-assembler/nasm/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
 CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservic ...)
 	NOT-FOR-US: Golden Frog VyprVPN



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9ae5556dc8c2cd7eb3975af361fb92bf762e0cf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9ae5556dc8c2cd7eb3975af361fb92bf762e0cf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200825/f0933cc9/attachment.html>

More information about the debian-security-tracker-commits mailing list