Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1bf89d19 by Salvatore Bonaccorso at 2018-03-04T08:35:17+01:00
Update CVE-2017-18174 information
Rationale: in kernel-sec the conclusion was that the double-free issue
is only introduced within the 4.11 release cycle and fixed in the same
relase cycle, but not affecting 4.7 version.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2950,11 +2950,8 @@ CVE-2018-1000041 (GNOME librsvg version before commit
...)
NOTE: Merge of changes:
https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea
NOTE:
https://github.com/GNOME/librsvg/commit/4de19d9fdddf81773125b04a4defe1ffd0d3bfe0
CVE-2017-18174 (In the Linux kernel before 4.7, the amd_gpio_remove function
in ...)
- - linux 4.11.6-1
- [stretch] - linux <not-affected> (Issue introduced later)
- [jessie] - linux <not-affected> (Vulnerable code not present)
- [wheezy] - linux <not-affected> (Vulnerable code not present)
- NOTE: Fixed by:
https://git.kernel.org/linus/8dca4a41f1ad65043a78c2338d9725f859c8d2c3
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: double-free introduced and fixed in the 4.11 release cycle
CVE-2017-18173
RESERVED
CVE-2017-18172
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1bf89d19610a22b25b82f42d3acb6d2e21577e5e
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1bf89d19610a22b25b82f42d3acb6d2e21577e5e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
