<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/3508be63b51341a257ad4dd6ac446ad0c5675da0">3508be63</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2018-05-01T05:44:39+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Expand note for CVE-2018-7263

Back in february 2018, this was tried to be clarified with MITRE.

Basically there are two CVE assignments left, and CVE-2018-7263 not

marked as duplicate of CVE-2017-11552 (but instead used the formulateion

"this might overlap with ...") because tere was no clear proof that they

are exactly the same errors. Futher it was stated "However, if there are

two different code paths by which libmad is used incorrectly, and both

code paths result in "double free or corruption" errors, then we would

represent this with two CVEs."

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/3508be63b51341a257ad4dd6ac446ad0c5675da0#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/3508be63b51341a257ad4dd6ac446ad0c5675da0">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/3508be63b51341a257ad4dd6ac446ad0c5675da0"}}</script>

</p>

</div>

</body>

</html>