Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2e4eb12a by Salvatore Bonaccorso at 2018-03-09T07:56:54+01:00
Add CVE-2018-580{0,1,2}/libraw
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6068,12 +6068,18 @@ CVE-2018-5803 [Missing length check of payload in
net/sctp/sm_make_chunk.c:_sctp
RESERVED
- linux <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
-CVE-2018-5802
+CVE-2018-5802 [Out-of-bounds read in kodak_radc_load_raw function
internal/dcraw_common.cpp]
RESERVED
-CVE-2018-5801
+ - libraw 0.18.7-1
+ NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
+CVE-2018-5801 [NULL pointer dereference in LibRaw::unpack function
src/libraw_cxx.cpp]
RESERVED
-CVE-2018-5800
+ - libraw 0.18.7-1
+ NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
+CVE-2018-5800 [Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw
function in internal/dcraw_common.cpp]
RESERVED
+ - libraw 0.18.7-1
+ NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
CVE-2018-1000006 (GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10
and earlier, ...)
- electron <itp> (bug #842420)
NOTE: Linux is not affected
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e4eb12ade05d1817adf185f5f01d5ebba7009f4
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e4eb12ade05d1817adf185f5f01d5ebba7009f4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
