Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
430b866c by Ola Lundqvist at 2018-01-29T22:02:02+01:00
Triaging result.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -66,6 +66,7 @@ CVE-2018-6353 (The Python console in Electrum through 2.9.4
and 3.x through 3.0.
NOTE: MISC:https://github.com/spesmilo/electrum/pull/3700
CVE-2018-6352 (In PoDoFo 0.9.5, there is an Excessive Iteration in the ...)
- libpodofo <unfixed>
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1539237
CVE-2018-6351
RESERVED
@@ -1467,6 +1468,7 @@ CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled
memory allocation in th
- libpodofo <unfixed>
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1536179
CVE-2018-5782
RESERVED
@@ -2673,11 +2675,13 @@ CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer
overflow in the ...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532381
CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the
...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532390
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876
@@ -2743,11 +2747,13 @@ CVE-2018-5296 (In PoDoFo 0.9.5, there is an
uncontrolled memory allocation in th
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
TODO: check, possibly not reported upstream only in Red Hat Bugzilla
CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the ...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
TODO: check, possibly not reported upstream only in Red Hat Bugzilla
CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an
...)
- ming <removed>
@@ -30078,6 +30084,7 @@ CVE-2017-12626 [Denial of Service Vulnerabilities]
- libapache-poi-java <unfixed> (bug #888651)
[stretch] - libapache-poi-java <no-dsa> (Minor issue)
[jessie] - libapache-poi-java <no-dsa> (Minor issue)
+ [wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61338
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61294
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=52372
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/430b866ceba53eedf71b357f6fca11d912e57c4c
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/430b866ceba53eedf71b357f6fca11d912e57c4c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
