[Git][security-tracker-team/security-tracker][master] nasm fixed in testing/sid

Moritz Muehlenhoff jmm at debian.org
Thu Sep 24 09:52:17 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
108b513a by Moritz Muehlenhoff at 2020-09-24T10:51:54+02:00
nasm fixed in testing/sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2325,7 +2325,7 @@ CVE-2020-24980
 CVE-2020-24979
 	REJECTED
 CVE-2020-24978 (In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline ...)
-	- nasm <unfixed>
+	- nasm 2.15.04-1
 	[buster] - nasm <no-dsa> (Minor issue)
 	[stretch] - nasm <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392712
@@ -48723,9 +48723,10 @@ CVE-2019-20354 (The web application component of piSignage before 2.6.4 allows a
 CVE-2019-20353
 	RESERVED
 CVE-2019-20352 (In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occ ...)
-	- nasm <unfixed> (unimportant)
+	- nasm 2.15.05-1 (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392636
 	NOTE: Crash in CLI tool, no security impact
+	NOTE: https://github.com/netwide-assembler/nasm/commit/7c88289e222dc5ef9f53f9e86ecaab1924744b88
 CVE-2019-20351
 	RESERVED
 CVE-2019-20350
@@ -109651,7 +109652,7 @@ CVE-2018-20536 (There is a heap-based buffer over-read at liblas::SpatialReferen
 	NOTE: https://github.com/libLAS/libLAS/pull/183
 	NOTE: https://github.com/libLAS/libLAS/commit/ca88a11a8a0548d3aa78b643e6c701708b826fa9
 CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...)
-	- nasm <unfixed> (unimportant; bug #918270)
+	- nasm 2.15.04-1 (unimportant; bug #918270)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530
 	NOTE: Crash in CLI tool, no security impact
 CVE-2018-20534 (** DISPUTED ** There is an illegal address access at ext/testcase.c in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/108b513a06c64c972c9ea9aba01fb6e8fe4f9a7c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/108b513a06c64c972c9ea9aba01fb6e8fe4f9a7c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200924/1e643364/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list