[Secure-testing-commits] r50455 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 8 05:51:20 UTC 2017
Author: carnil
Date: 2017-04-08 05:51:19 +0000 (Sat, 08 Apr 2017)
New Revision: 50455
Modified:
data/CVE/list
Log:
Update information for CVE-2017-758{5,6}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-07 21:42:15 UTC (rev 50454)
+++ data/CVE/list 2017-04-08 05:51:19 UTC (rev 50455)
@@ -1,7 +1,13 @@
CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
- TODO: check
+ - libsndfile 1.0.27-2
+ NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
+ NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
+ NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- TODO: check
+ - libsndfile 1.0.27-2
+ NOTE: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
+ NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
+ NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
CVE-2017-7584 (Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows ...)
TODO: check
CVE-2017-7583 (ILIAS before 5.2.3 has XSS via SVG documents. ...)
More information about the Secure-testing-commits
mailing list