[Secure-testing-commits] r31603 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jan 22 17:05:27 UTC 2015
Author: carnil
Date: 2015-01-22 17:05:27 +0000 (Thu, 22 Jan 2015)
New Revision: 31603
Modified:
data/CVE/list
Log:
CVE assigned for vorbis-tools
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-22 16:47:52 UTC (rev 31602)
+++ data/CVE/list 2015-01-22 17:05:27 UTC (rev 31603)
@@ -1,19 +1,16 @@
CVE-2015-XXXX [buffer overrun in acknowledge.c(gi)]
- xymon <unfixed> (bug #776007)
TODO: check
-CVE-2015-XXXX [Oggenc division by zero issue]
+CVE-2014-9638 [Oggenc division by zero issue]
- vorbis-tools <unfixed>
NOTE: https://trac.xiph.org/ticket/2137
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/5
-CVE-2015-XXXX [Oggenc channel integer overflow]
+CVE-2014-9639 [Oggenc channel integer overflow]
- vorbis-tools <unfixed>
NOTE: https://trac.xiph.org/ticket/2136
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/5
-CVE-2014-XXXX [segfault when trying to encode trivial raw input]
+CVE-2014-9640 [segfault when trying to encode trivial raw input]
- vorbis-tools <unfixed>
NOTE: https://trac.xiph.org/ticket/2009
NOTE: Upstream fix: https://trac.xiph.org/changeset/19117
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/6
CVE-2014-XXXX [Bug 26437 - prevent /api/* from returning text/html error messages which could act as an XSS vector]
- rabbitmq-server 3.4.1-1
NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
More information about the Secure-testing-commits
mailing list