Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b48bdc71 by Sylvain Beucler at 2025-02-10T20:44:08+01:00
CVE-2018-14647: reference expat vulnerabilities required to exploit
Useful when checking alternate Python/elementtree implementations.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -481603,6 +481603,7 @@ CVE-2018-14647 (Python's elementtree C accelerator
failed to initialise Expat's
NOTE: 3.7:
https://github.com/python/cpython/commit/470a435f3b42c9be5fdb7f7b04f3df5663ba7305
NOTE: 3.6:
https://github.com/python/cpython/commit/f7666e828cc3d5873136473ea36ba2013d624fa1
NOTE: 2.7:
https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
+ NOTE: Vulnerability depends on expat CVE-2012-0876 / CVE-2012-6702 /
CVE-2016-5300
CVE-2018-14646 (The Linux kernel before 4.15-rc8 was found to be vulnerable to
a NULL ...)
- linux <not-affected> (Vulnerable code not present in any version
released; apart experimental)
NOTE: Fixed by:
https://git.kernel.org/linus/f428fe4a04cc339166c8bbd489789760de3a0cee
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b48bdc71146cf6969efc3de988394798d213f175
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b48bdc71146cf6969efc3de988394798d213f175
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
