[Secure-testing-commits] r30297 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Tue Nov 25 09:27:01 UTC 2014
Author: fgeek-guest
Date: 2014-11-25 09:27:01 +0000 (Tue, 25 Nov 2014)
New Revision: 30297
Modified:
data/CVE/list
Log:
CVE-2014-9028, CVE-2014-8962 flac
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-25 09:14:34 UTC (rev 30296)
+++ data/CVE/list 2014-11-25 09:27:01 UTC (rev 30297)
@@ -68,6 +68,9 @@
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24469
NOTE: http://downloads.digium.com/pub/security/AST-2014-012.html
TODO: check
+CVE-2014-9028 [Heap buffer write overflow]
+ - flac <unfixed> (bug #770918)
+ NOTE: Upstream patch https://git.xiph.org/?p=flac.git;a=commit;h=fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
CVE-2014-9014
RESERVED
CVE-2014-9013
@@ -796,9 +799,9 @@
NOTE: seem to be needed for older pcre3 versions.
CVE-2014-8963
RESERVED
-CVE-2014-8962 [unspecified vulnerability]
+CVE-2014-8962 [Heap buffer read overflow]
RESERVED
- - flac <unfixed>
+ - flac <unfixed> (bug #770918)
NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5b3033a2b355068c11fe637e14ac742d273f076e
NOTE: http://lists.xiph.org/pipermail/flac-dev/2014-November/005185.html
CVE-2014-8961 [leakage of line count of an arbitrary file (PMASA-2014-16)]
More information about the Secure-testing-commits
mailing list