[Git][security-tracker-team/security-tracker][master] reintroduced xar fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Mar 10 15:21:54 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c23758ae by Moritz Muehlenhoff at 2025-03-10T16:21:30+01:00
reintroduced xar fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -552896,9 +552896,13 @@ CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 throug
- mpg123 1.25.3-1 (unimportant)
NOTE: no security impact
CVE-2017-11125 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_p ...)
- - xar <unfixed>
+ - xar 1.8.0.498-1
+ NOTE: Per https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC/
+ NOTE: fixed in 1.8 dev branch with 417.1 subversion
CVE-2017-11124 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unser ...)
- - xar <unfixed>
+ - xar 1.8.0.498-1
+ NOTE: Per https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC/
+ NOTE: fixed in 1.8 dev branch with 417.1 subversion
CVE-2017-11123
RESERVED
CVE-2017-11122 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can t ...)
@@ -720323,8 +720327,10 @@ CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute a
CVE-2010-3799
REJECTED
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6 ...)
- - xar <unfixed>
+ - xar 1.8.0.498-1
[lenny] - xar <no-dsa> (Minor issue)
+ NOTE: Per https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC/
+ NOTE: fixed in 1.8 dev branch with 417.1 subversion
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac O ...)
NOT-FOR-US: Apple Wiki Server
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c23758ae78ad6f0d99646748f25e0c007d9c309c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c23758ae78ad6f0d99646748f25e0c007d9c309c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250310/97725837/attachment.htm>
More information about the debian-security-tracker-commits
mailing list