Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ae2b9a60 by Salvatore Bonaccorso at 2018-02-23T10:14:07+01:00 Mark CVE-2018-7408/npm as not-affected The isuse was introduced in https://github.com/npm/npm/commit/94227e15eeced836b3d7b3d2b5e5cc41d4959cff and reverted with the commit https://github.com/npm/npm/commit/74e149da6efe6ed89477faa81fef08eee7999ad0 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -42,7 +42,7 @@ CVE-2018-7410 CVE-2018-7409 (In unixODBC before 2.3.5, there is a buffer overflow in the ...) - unixodbc <unfixed> CVE-2018-7408 (An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked ...) - TODO: check + - npm <not-affected> (Vulnerable code introduced later) CVE-2018-7407 RESERVED CVE-2018-7406 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae2b9a606944c6a288e0bf9d4eafa1afea173bd8 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae2b9a606944c6a288e0bf9d4eafa1afea173bd8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
