[Secure-testing-team] Bug#870900: CVE-2017-12481 CVE-2017-12482
Moritz Muehlenhoff
jmm at debian.org
Sun Aug 6 08:41:25 UTC 2017
Package: ledger
Version: 3.1.2~pre1+g3a00e1c+dfsg1-2+b1
Severity: normal
Tags: security
CVE-2017-12481 was assigned to http://bugs.ledger-cli.org/show_bug.cgi?id=1222
and CVE-2017-12482 was assigned to http://bugs.ledger-cli.org/show_bug.cgi?id=1224
CVE-2017-12482 is probably entirely mitigated by the hardening build options and
it general is feels somewhat silly to assign CVE IDs for such crashes...
Cheers,
Moritz
More information about the Secure-testing-team
mailing list