[Git][security-tracker-team/security-tracker][master] bugs

Fri, 29 Jun 2018 14:13:33 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a8e80e4 by Moritz Muehlenhoff at 2018-06-29T23:13:08+02:00
bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -285,7 +285,7 @@ CVE-2018-12902 (In Easy Magazine through 2012-10-26, there 
is XSS in the search 
 CVE-2018-12901
        RESERVED
 CVE-2018-12900 (Heap-based buffer overflow in the cpSeparateBufToContigBuf 
function in ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #902718)
        [stretch] - tiff <postponed> (Minor issue, can be fixed along in future 
DSA)
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2798
 CVE-2018-12899
@@ -922,7 +922,7 @@ CVE-2018-1000548 (Umlet version &lt; 14.3 contains a XML 
External Entity (XXE) .
 CVE-2018-1000547 (coreBOS version 7.0 and earlier contains a Incorrect Access 
Control ...)
        NOT-FOR-US: CoreBOS
 CVE-2018-1000546 (Triplea version &lt;= 1.9.0.0.10291 contains a XML External 
Entity (XXE) ...)
-       - triplea <unfixed> (low)
+       - triplea <unfixed> (low; bug #902719)
        [stretch] - triplea <no-dsa> (Minor issue)
        [jessie] - triplea <no-dsa> (Minor issue)
        NOTE: https://0dd.zone/2018/05/31/TripleA-XXE/
@@ -930,7 +930,7 @@ CVE-2018-1000546 (Triplea version &lt;= 1.9.0.0.10291 
contains a XML External En
 CVE-2018-1000545
        REJECTED
 CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a 
Directory ...)
-       - ruby-zip <unfixed>
+       - ruby-zip <unfixed> (bug #902720)
        NOTE: https://github.com/rubyzip/rubyzip/issues/369
 CVE-2018-1000543 (Akiee version 0.0.3 contains a XSS leading to code execution 
due to ...)
        NOT-FOR-US: Akiee



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a8e80e46b54f910c189419a88a0724be11cab3d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a8e80e46b54f910c189419a88a0724be11cab3d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to