[Git][security-tracker-team/security-tracker][master] CVE-2018-1311/xerces-c: reference stretch mitigation
Sylvain Beucler (@beuc)
beuc at debian.org
Thu Apr 14 14:46:05 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bba95208 by Sylvain Beucler at 2022-04-14T15:45:41+02:00
CVE-2018-1311/xerces-c: reference stretch mitigation
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -281710,7 +281710,7 @@ CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest a
CVE-2018-1311 (The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ...)
{DSA-4814-1}
- xerces-c 3.2.3+debian-2 (bug #947431)
- [stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream)
+ [stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream, mitigated in DLA 2498-1)
[jessie] - xerces-c <postponed> (slow upstream interest, proper fix likely to break ABI compatibility)
NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2018-1311.txt
NOTE: https://issues.apache.org/jira/browse/XERCESC-2188
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bba95208c717b32a7177820db2e5c282f9f69d2e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bba95208c717b32a7177820db2e5c282f9f69d2e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/0d9cb457/attachment.htm>
More information about the debian-security-tracker-commits
mailing list