[Secure-testing-commits] r50673 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 14 15:09:55 UTC 2017
Author: carnil
Date: 2017-04-14 15:09:55 +0000 (Fri, 14 Apr 2017)
New Revision: 50673
Modified:
data/CVE/list
Log:
Minor issues for libsndfile, mark as no-dsa for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-14 15:09:44 UTC (rev 50672)
+++ data/CVE/list 2017-04-14 15:09:55 UTC (rev 50673)
@@ -319,10 +319,12 @@
RESERVED
CVE-2017-7742 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- libsndfile <unfixed> (bug #860255)
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
CVE-2017-7741 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- libsndfile 1.0.27-2
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
@@ -736,12 +738,14 @@
RESERVED
CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
- libsndfile 1.0.27-2
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
- libsndfile 1.0.27-2
+ [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
More information about the Secure-testing-commits
mailing list