[Git][security-tracker-team/security-tracker][master] Document upstream commits for cflow issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 29 10:00:51 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc8aaeca by Salvatore Bonaccorso at 2021-12-29T11:00:13+01:00
Document upstream commits for cflow issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90425,6 +90425,7 @@ CVE-2020-23857
CVE-2020-23856 (Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ...)
- cflow 1:1.6-6 (unimportant; bug #988985)
NOTE: https://lists.gnu.org/archive/html/bug-cflow/2020-07/msg00000.html
+ NOTE: https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
NOTE: Crash in CLI tool, no security impact
CVE-2020-23855
RESERVED
@@ -159630,10 +159631,12 @@ CVE-2019-16167 (sysstat before 12.1.6 has memory corruption due to an Integer Ov
CVE-2019-16166 (GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ...)
- cflow 1:1.6-6 (unimportant; bug #939916)
NOTE: https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00000.html
+ NOTE: https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
NOTE: Crash in CLI tool, no security impact
CVE-2019-16165 (GNU cflow through 1.6 has a use-after-free in the reference function i ...)
- cflow 1:1.6-6 (unimportant; bug #939915)
NOTE: https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00001.html
+ NOTE: https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
NOTE: Crash in CLI tool, no security impact
CVE-2019-16164 (MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_nod ...)
NOT-FOR-US: MyHTML
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc8aaecabf6432784d33983cf0e3def4a69dd411
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc8aaecabf6432784d33983cf0e3def4a69dd411
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211229/aac6ad16/attachment.htm>
More information about the debian-security-tracker-commits
mailing list