[Secure-testing-commits] r50456 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 8 06:04:51 UTC 2017
Author: carnil
Date: 2017-04-08 06:04:51 +0000 (Sat, 08 Apr 2017)
New Revision: 50456
Modified:
data/CVE/list
Log:
Add patch reference for libsndfile
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-08 05:51:19 UTC (rev 50455)
+++ data/CVE/list 2017-04-08 06:04:51 UTC (rev 50456)
@@ -3,11 +3,13 @@
NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
+ NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- libsndfile 1.0.27-2
NOTE: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
+ NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7584 (Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows ...)
TODO: check
CVE-2017-7583 (ILIAS before 5.2.3 has XSS via SVG documents. ...)
More information about the Secure-testing-commits
mailing list