Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 430b866c by Ola Lundqvist at 2018-01-29T22:02:02+01:00 Triaging result. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -66,6 +66,7 @@ CVE-2018-6353 (The Python console in Electrum through 2.9.4 and 3.x through 3.0. NOTE: MISC:https://github.com/spesmilo/electrum/pull/3700 CVE-2018-6352 (In PoDoFo 0.9.5, there is an Excessive Iteration in the ...) - libpodofo <unfixed> + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1539237 CVE-2018-6351 RESERVED @@ -1467,6 +1468,7 @@ CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in th - libpodofo <unfixed> [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1536179 CVE-2018-5782 RESERVED @@ -2673,11 +2675,13 @@ CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer overflow in the ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532381 CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532390 NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870 NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876 @@ -2743,11 +2747,13 @@ CVE-2018-5296 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in th - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) TODO: check, possibly not reported upstream only in Red Hat Bugzilla CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) TODO: check, possibly not reported upstream only in Red Hat Bugzilla CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an ...) - ming <removed> @@ -30078,6 +30084,7 @@ CVE-2017-12626 [Denial of Service Vulnerabilities] - libapache-poi-java <unfixed> (bug #888651) [stretch] - libapache-poi-java <no-dsa> (Minor issue) [jessie] - libapache-poi-java <no-dsa> (Minor issue) + [wheezy] - libapache-poi-java <no-dsa> (Minor issue) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61338 NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61294 NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=52372 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/430b866ceba53eedf71b357f6fca11d912e57c4c --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/430b866ceba53eedf71b357f6fca11d912e57c4c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits