[Git][security-tracker-team/security-tracker][master] 2 commits: Reference fixing commit for CVE-2018-5786

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac752100 by Salvatore Bonaccorso at 2022-04-12T14:46:15+02:00
Reference fixing commit for CVE-2018-5786

- - - - -
fed11160 by Salvatore Bonaccorso at 2022-04-12T14:46:15+02:00
Mark CVE-2018-5786 as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -268497,9 +268497,12 @@ CVE-2017-18044 (A Command Injection issue was discovered in ContentStore/Base/CV
 	NOT-FOR-US: Commvault
 CVE-2018-5786 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and app ...)
 	- lrzip <unfixed> (bug #888506)
+	[bullseye] - lrzip <no-dsa> (Minor issue)
+	[buster] - lrzip <no-dsa> (Minor issue)
 	[jessie] - lrzip <no-dsa> (Minor issue)
 	[wheezy] - lrzip <no-dsa> (Minor issue)
 	NOTE: https://github.com/ckolivas/lrzip/issues/91
+	NOTE: Fixed by: https://github.com/ckolivas/lrzip/commit/3495188cd8f2215a9feea201f3e05c1341ed95fb
 CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bo ...)
 	{DSA-4405-1}
 	- openjpeg2 2.3.0-2 (low; bug #888533)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0fac3e199e9123b19a534e5cfc654fe6391e4598...fed1116010a7e01c17d2ca2b225b23e361fc08db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0fac3e199e9123b19a534e5cfc654fe6391e4598...fed1116010a7e01c17d2ca2b225b23e361fc08db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220412/e6410acc/attachment.htm>