[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2018-6548: chromium-browser

Sun, 04 Feb 2018 18:52:35 -0800 

Luciano Bello pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c6864d05 by Luciano Bello at 2018-02-04T21:35:58-05:00
CVE-2018-6548: chromium-browser <unfixed>

- - - - -
9d6005e5 by Luciano Bello at 2018-02-04T21:49:04-05:00
CVE-2018-6317: NFU

- - - - -
e939cb82 by Luciano Bello at 2018-02-04T21:51:25-05:00
CVE-2018-5261: NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -184,6 +184,10 @@ CVE-2017-18121 (The consentAdmin module in SimpleSAMLphp 
through 1.14.15 is vuln
 CVE-2018-6549
        RESERVED
 CVE-2018-6548 (A use-after-free issue was discovered in libwebm through 
2018-02-02. If ...)
+       - chromium-browser <unfixed>
+       [wheezy] - chromium-browser <end-of-life> (Not supported in wheezy LTS)
+       NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
+       NOTE: 
https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
        TODO: check
 CVE-2018-6547
        RESERVED
@@ -883,7 +887,7 @@ CVE-2018-6319 (In Sophos Tester Tool 3.2.0.7 Beta, the 
driver accepts a special 
 CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the 
context ...)
        NOT-FOR-US: Sophos Tester Tool
 CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and 
...)
-       TODO: check
+       NOT-FOR-US: Claymore's Dual Ethereum
 CVE-2018-6316
        RESERVED
 CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in 
libming ...)
@@ -3595,7 +3599,7 @@ CVE-2018-5263 (The StackIdeas EasyDiscuss (aka 
com_easydiscuss) extension before
 CVE-2018-5262 (A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and 
earlier ...)
        NOT-FOR-US: Flexense DiskBoss
 CVE-2018-5261 (An issue was discovered in Flexense DiskBoss 8.8.16 and 
earlier. Due ...)
-       TODO: check
+       NOT-FOR-US: Flexense DiskBoss
 CVE-2018-5260
        RESERVED
 CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to 
bypass ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/886db6a37a59fb415b84eecb27307f3661d8d126...e939cb82604c723baf9e167c3486df5e2deea89a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/886db6a37a59fb415b84eecb27307f3661d8d126...e939cb82604c723baf9e167c3486df5e2deea89a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to