Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2e4eb12a by Salvatore Bonaccorso at 2018-03-09T07:56:54+01:00 Add CVE-2018-580{0,1,2}/libraw - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -6068,12 +6068,18 @@ CVE-2018-5803 [Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp RESERVED - linux <unfixed> NOTE: Fixed by: https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c -CVE-2018-5802 +CVE-2018-5802 [Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp] RESERVED -CVE-2018-5801 + - libraw 0.18.7-1 + NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt +CVE-2018-5801 [NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp] RESERVED -CVE-2018-5800 + - libraw 0.18.7-1 + NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt +CVE-2018-5800 [Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp] RESERVED + - libraw 0.18.7-1 + NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt CVE-2018-1000006 (GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, ...) - electron <itp> (bug #842420) NOTE: Linux is not affected View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e4eb12ade05d1817adf185f5f01d5ebba7009f4 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2e4eb12ade05d1817adf185f5f01d5ebba7009f4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits