v1.8.4 security update
-
Security fix for CVE-2019-11024 (#85), recursive loop problem,
reported by @Loginsoft-Research. -
Security fix for #73, illegal memory access problem,
reported by @hongxuchen. -
Security fix for #89, core dumped issue,
reported by @niugx. -
Security fix for #107, large memory allocation problem,
reported by @cuanduo. -
Security fix for #114, heap-buffer-overflow problem,
reported by @SuhwanSong. -
Security fix for #116, heap-buffer-overflow problem,
reported by @SuhwanSong. -
Security fix for #118, heap-buffer-overflow problem,
reported by @SuhwanSong. -
Security fix for #121, heap-buffer-overflow problem,
reported by @gutiniao
For more details, see below summary of vulnerabilities.
| No. | assigned CVE | PR | patch | status | fixed on | comment |
|---|---|---|---|---|---|---|
| #67 | CVE-2018-14072 CVE-2018-14073 | - | f94bc6f 84ed0bc | resolved | v1.8.2 | |
| #68 | - | - | 6a19d99 94a647c | resolved | v1.8.2 | |
| #69 | - | - | 0d70e04 | resolved | v1.8.2 | |
| #70 | - | - | 438188c | resolved | v1.8.2 | |
| #71 | - | - | 01c0bad ba21bb9 | resolved | v1.8.2 | |
| #72 | - | - | 570d6ae | released | v1.8.3 | |
| #73 | - | - | cb373ab 26ac06f | resolved | v1.8.4 | |
| #74 | - | - | - | not resolved | - | |
| #75 | - | - | 7808a06 | resolved | v1.8.3 | |
| #76 | - | - | e3a4c0e 3c071b9 d7b2600 197d025 | partially resolved | partially fixed on v1.8.3 | |
| #77 | CVE-2018-19759 | #98 | 5f64fb1 | resolved | v1.8.3 | |
| #78 | CVE-2018-19761 | (#106) | (1377517) | resolved | v1.8.3 | *same as #105 |
| #79 | CVE-2018-19757 | #91 #94 | e903c93 a53c872 | resolved | v1.8.3 | |
| #80 | CVE-2018-19756 | #93 | d6e34fc | resolved | v1.8.3 | |
| #81 | CVE-2018-19762 | #92 | 9861272 | resolved | v1.8.3 | |
| #82 | CVE-2018-19763 | #95 | 614e761 | resolved | v1.8.3 | |
| #83 | CVE-2019-3573 CVE-2019-3574 | #99 | 9c013f2 68ecbc1 | resolved | v1.8.3 | |
| #85 | CVE-2019-11024 | - | b418f35 | resolved | v1.8.4 | |
| #88 | - | - | 7808a06 | resolved | v1.8.3 | |
| #89 | - | - | a516125 | resolved | v1.8.4 | |
| #90 | - | - | (1377517) | resolved | v1.8.3 | *same as #105 |
| #97 | - | - | (1377517) | resolved | v1.8.3 | *same as #105 |
| #102 | CVE-2019-19638 | #106 | e17c076 | resolved | v1.8.3 | |
| #103 | CVE-2019-19635 | #106 | 1377517 | resolved | v1.8.3 | |
| #104 | CVE-2019-19636 | #106 | bf46a7b | resolved | v1.8.3 | |
| #105 | CVE-2019-19637 | #106 | 1377517 | resolved | v1.8.3 | |
| #107 | - | - | 1d35033 | resolved | v1.8.4 | |
| #108 | (CVE-2019-19638) | (#106) | (e17c076) | resolved | v1.8.3 | *same as #102 |
| #109 | CVE-2019-19777 | (#93) | (d6e34fc) | resolved | v1.8.3 | *same as #80 |
| #110 | CVE-2019-19778 | (#95) | (614e761) | resolved | v1.8.3 | *same as #82 |
| #111 | - | (#106) | (1377517) | resolved | v1.8.3 | *same as #105 |
| #113 | - | (#93) | (aac1df6) | resolved | v1.8.3 | *same as #80 |
| #114 | - | - | (9d0a7ff) | resolved | v1.8.4 | *same as #116 |
| #116 | - | - | 9d0a7ff | resolved | v1.8.4 | |
| #117 | - | - | b9a4175 | patched | - | |
| #118 | - | - | 6367d2f | resolved | v1.8.4 | |
| #119 | - | - | b9a4175 | patched | - | *same as #117 |
| #120 | - | - | b9a4175 | patched | - | *same as #117 |
| #121 | - | (6367d2f) | resolved | v1.8.4 | *same as |