[Secure-testing-commits] r50673 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Apr 14 15:09:55 UTC 2017 

Author: carnil
Date: 2017-04-14 15:09:55 +0000 (Fri, 14 Apr 2017)
New Revision: 50673

Modified:
   data/CVE/list
Log:
Minor issues for libsndfile, mark as no-dsa for jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-14 15:09:44 UTC (rev 50672)
+++ data/CVE/list	2017-04-14 15:09:55 UTC (rev 50673)
@@ -319,10 +319,12 @@
 	RESERVED
 CVE-2017-7742 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
 	- libsndfile <unfixed> (bug #860255)
+	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
 	NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
 CVE-2017-7741 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
 	- libsndfile 1.0.27-2
+	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
 	NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
 	NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
@@ -736,12 +738,14 @@
 	RESERVED
 CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
 	- libsndfile 1.0.27-2
+	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
 	NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
 	NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
 	NOTE: https://sources.debian.net/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
 CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...)
 	- libsndfile 1.0.27-2
+	[jessie] - libsndfile <no-dsa> (Minor issue)
 	NOTE: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
 	NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
 	NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue

More information about the Secure-testing-commits mailing list