[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-0491: Only affects tor 0.3.2.x series and later

Fri, 20 Apr 2018 23:58:00 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e68721d8 by Salvatore Bonaccorso at 2018-04-21T08:56:44+02:00
CVE-2018-0491: Only affects tor 0.3.2.x series and later

- - - - -
5d5c9939 by Salvatore Bonaccorso at 2018-04-21T08:57:14+02:00
Add commit for CVE-2018-0491 for reference

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -27008,10 +27008,13 @@ CVE-2018-0492 (Johnathan Nightingale beep through 
1.3.4, if setuid, has a race .
        NOTE: https://github.com/johnath/beep/issues/11
 CVE-2018-0491 (A use-after-free issue was discovered in Tor 0.3.2.x before 
0.3.2.10. ...)
        - tor 0.3.2.10-1
-       [wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
+       [stretch] - tor <not-affected> (Only affects tor 0.3.2.x series and 
later)
+       [jessie] - tor <not-affected> (Only affects tor 0.3.2.x series and 
later)
+       [wheezy] - tor <not-affected> (Only affects tor 0.3.2.x series and 
later)
        NOTE: https://trac.torproject.org/projects/tor/ticket/25117
        NOTE: https://trac.torproject.org/projects/tor/ticket/24700
        NOTE: 
https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
+       NOTE: 
https://gitweb.torproject.org/tor.git/commit/?id=adaf3e9b89f62d68ab631b8f672d9bff996689b9
 CVE-2018-0490 (An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 
...)
        - tor 0.3.2.10-1
        [wheezy] - tor <end-of-life> (Not supported in wheezy LTS)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/e8f537471b2766df5430d90dee6877552a68658e...5d5c9939b37f424570240d9a21a208e87ffba546

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/e8f537471b2766df5430d90dee6877552a68658e...5d5c9939b37f424570240d9a21a208e87ffba546
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to