[Git][security-tracker-team/security-tracker][master] file two docker bugs

Wed, 05 Sep 2018 07:44:56 -0700 

Antoine Beaupré pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5d932d56 by Antoine Beaupré at 2018-09-05T14:44:09Z
file two docker bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14099,7 +14099,7 @@ CVE-2018-10893 [Insufficient encoding checks for LZ can 
cause different integer/
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598234
        NOTE: Ongoing patch review: 
https://lists.freedesktop.org/archives/spice-devel/2018-July/044489.html
 CVE-2018-10892 (The default OCI linux spec in oci/defaults{_linux}.go in 
Docker/Moby ...)
-       - docker.io <unfixed>
+       - docker.io <unfixed> (bug #908057)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598581
 CVE-2018-10891 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 
3.3.7, ...)
        - moodle <removed>
@@ -51756,8 +51756,8 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in 
GraphicsMagick 1.3.26 allows rem
 CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 
4.10.x ...)
        NOT-FOR-US: OXID eShop Community Edition
 CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) 
...)
-       - docker.io <unfixed>
-       - golang-github-vbatts-tar-split 0.10.2-1
+       - docker.io <unfixed> (bug #908055)
+       - golang-github-vbatts-tar-split 0.10.2-1 (bug #908056)
        [stretch] - golang-github-vbatts-tar-split <no-dsa> (Minor issue)
        NOTE: Issue needs to be fixed in src:golang-github-vbatts-tar-split 
first
        NOTE: https://github.com/vbatts/tar-split/issues/41



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d932d560b3fe200854a49c0efe415d81bf2d973

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d932d560b3fe200854a49c0efe415d81bf2d973
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to