Source: nasm Version: 2.14-1 Severity: important Tags: patch security upstream Forwarded: https://bugzilla.nasm.us/show_bug.cgi?id=3392528
Hi, The following vulnerability was published for nasm. CVE-2018-19755[0]: | There is an illegal address access at asm/preproc.c (function: | is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a | denial of service (out-of-bounds array access) because a certain | conversion can result in a negative integer. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-19755 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19755 [1] https://bugzilla.nasm.us/show_bug.cgi?id=3392528 [2] https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb Please adjust the affected versions in the BTS as needed. Regards, Salvatore
