libcaca as unimportant

Salvatore Bonaccorso Sun, 30 Dec 2018 00:54:31 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
da4325c6 by Salvatore Bonaccorso at 2018-12-30T08:52:31Z
Mark CVE-2018-2054{5,8}/libcaca as unimportant

Although affected source code wise for both upstream issues, the binary
packages as produced in Debian use the Imlib2 library for the build and
not the fallback BMP loader.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,10 +89,11 @@ CVE-2018-20549 (There is an illegal WRITE memory access at 
caca/file.c (function
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
        NOTE: https://github.com/cacalabs/libcaca/issues/41
 CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c 
(function ...)
-       - libcaca <unfixed>
+       - libcaca <unfixed> (unimportant)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
        NOTE: https://github.com/cacalabs/libcaca/issues/40
        NOTE: Upstream fix: 
https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
+       NOTE: Debian binary packages built with the Imlib2 library
 CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c 
(function ...)
        - libcaca <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
@@ -102,10 +103,11 @@ CVE-2018-20546 (There is an illegal READ memory access at 
caca/dither.c (functio
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
        NOTE: https://github.com/cacalabs/libcaca/issues/38
 CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c 
(function ...)
-       - libcaca <unfixed>
+       - libcaca <unfixed> (unimportant)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
        NOTE: https://github.com/cacalabs/libcaca/issues/37
        NOTE: Upstream fix: 
https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
+       NOTE: Debian binary packages built with the Imlib2 library
 CVE-2018-20544 (There is floating point exception at caca/dither.c (function 
...)
        - libcaca <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da4325c6742aaf924a53eec073280a9d0c95cf47

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da4325c6742aaf924a53eec073280a9d0c95cf47
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-2054{5,8}/libcaca as unimportant

Reply via email to