[Secure-testing-commits] r50610 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 13 06:43:07 UTC 2017
Author: carnil
Date: 2017-04-13 06:43:07 +0000 (Thu, 13 Apr 2017)
New Revision: 50610
Modified:
data/CVE/list
Log:
Update libsndfile CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-13 06:27:54 UTC (rev 50609)
+++ data/CVE/list 2017-04-13 06:43:07 UTC (rev 50610)
@@ -3,9 +3,15 @@
CVE-2017-7743
RESERVED
CVE-2017-7742 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
+ NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
+ TODO: need to check this closer and as well the related CVE, at least the invalid READ seems unfixed
CVE-2017-7741 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
+ NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
+ TODO: need to check this closer and as well the related CVE, at least the invalid READ seems unfixed
CVE-2017-7740
RESERVED
CVE-2017-7739
More information about the Secure-testing-commits
mailing list