Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fbbbd806 by Salvatore Bonaccorso at 2018-02-23T07:04:46+01:00 Start tracking five new freexl issues fixed upstream in 1.0.5 Needs clarification if CVEs were requested. According to the comments in the respective Fedora/Red Hat Bugzilla this might not have been the case yet. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,18 @@ +CVE-2018-XXXX [heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record] + - freexl 1.0.5-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892 +CVE-2018-XXXX [heap-buffer-overflow in freexl.c:383 parse_unicode_string] + - freexl 1.0.5-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547889 +CVE-2018-XXXX [heap-buffer-overflow in freexl.c:1866 parse_SST] + - freexl 1.0.5-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547885 +CVE-2018-XXXX [heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST] + - freexl 1.0.5-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547883 +CVE-2018-XXXX [heap-buffer-overflow in freexl::destroy_cell] + - freexl 1.0.5-1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547879 CVE-2018-7415 RESERVED CVE-2018-7414 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbbbd8063e456d2389467e8d9b070e740a05a9ff --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbbbd8063e456d2389467e8d9b070e740a05a9ff You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits