[Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-25018
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 8 20:06:59 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bfc5d67b by Salvatore Bonaccorso at 2021-12-08T21:05:23+01:00
Update status for CVE-2018-25018
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24388,9 +24388,7 @@ CVE-2019-25049 (LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_i
CVE-2019-25048 (LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_p ...)
- libressl <itp> (bug #754513)
CVE-2018-25018 (UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write durin ...)
- - unrar-nonfree <unfixed> (bug #990541)
- [bullseye] - unrar-nonfree <no-dsa> (Non-free not supported)
- [buster] - unrar-nonfree <no-dsa> (Non-free not supported)
+ - unrar-nonfree 1:5.6.6-1 (bug #990541)
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfc5d67b555a11cd3ebec85afa647842e64c332f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfc5d67b555a11cd3ebec85afa647842e64c332f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211208/9c3acc68/attachment.htm>
More information about the debian-security-tracker-commits
mailing list