Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d912e1ab by Salvatore Bonaccorso at 2018-04-12T20:45:46+02:00 Add CVE-2018-1084/corosync - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -24005,8 +24005,13 @@ CVE-2018-1086 [Debug parameter removal bypass, allowing information disclosure] CVE-2018-1085 RESERVED NOT-FOR-US: openshift-ansible -CVE-2018-1084 +CVE-2018-1084 [Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function] RESERVED + - corosync <unfixed> + [jessie] - corosync <not-affected> (Vulnerable code introduced later) + NOTE: http://www.openwall.com/lists/oss-security/2018/04/12/2 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552830 + NOTE: Fixed by: https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4 CVE-2018-1083 (Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in ...) {DLA-1335-1} - zsh 5.4.2-4 (low; bug #894043) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d912e1abb711bad9f8ac5f63b821847be9620f52 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d912e1abb711bad9f8ac5f63b821847be9620f52 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits