[Secure-testing-commits] r31668 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 25 18:23:51 UTC 2015
Author: carnil
Date: 2015-01-25 18:23:51 +0000 (Sun, 25 Jan 2015)
New Revision: 31668
Modified:
data/CVE/list
Log:
Adjust information for CVE-2014-9640/vorbis-tools
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-25 16:38:36 UTC (rev 31667)
+++ data/CVE/list 2015-01-25 18:23:51 UTC (rev 31668)
@@ -303,7 +303,7 @@
- opus-tools <unfixed>
NOTE: https://trac.xiph.org/ticket/2136
CVE-2014-9640 [segfault when trying to encode trivial raw input]
- - vorbis-tools <unfixed> (bug #776086)
+ - vorbis-tools 1.4.0-6 (bug #771363)
NOTE: https://trac.xiph.org/ticket/2009
NOTE: Upstream fix: https://trac.xiph.org/changeset/19117
CVE-2014-XXXX [Bug 26437 - prevent /api/* from returning text/html error messages which could act as an XSS vector]
More information about the Secure-testing-commits
mailing list