[Secure-testing-commits] r54156 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Aug 1 07:37:57 UTC 2017


Author: carnil
Date: 2017-08-01 07:37:57 +0000 (Tue, 01 Aug 2017)
New Revision: 54156

Modified:
   data/CVE/list
Log:
Triage CVE-2017-1155{0,1}/libid3tag

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-01 07:07:59 UTC (rev 54155)
+++ data/CVE/list	2017-08-01 07:37:57 UTC (rev 54156)
@@ -675,9 +675,12 @@
 CVE-2017-11552
 	RESERVED
 CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows ...)
-	TODO: check
+	- libid3tag <unfixed>
+	NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
 CVE-2017-11550 (The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows ...)
-	TODO: check
+	- libid3tag 0.15.1b-9 (bug #405801)
+	NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
+	NOTE: Addressed by the 11_unknown_encoding.dpatch patch
 CVE-2017-11549 (The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote ...)
 	TODO: check
 CVE-2017-11548 (The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 ...)




More information about the Secure-testing-commits mailing list