[Secure-testing-commits] r54156 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 1 07:37:57 UTC 2017
Author: carnil
Date: 2017-08-01 07:37:57 +0000 (Tue, 01 Aug 2017)
New Revision: 54156
Modified:
data/CVE/list
Log:
Triage CVE-2017-1155{0,1}/libid3tag
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-01 07:07:59 UTC (rev 54155)
+++ data/CVE/list 2017-08-01 07:37:57 UTC (rev 54156)
@@ -675,9 +675,12 @@
CVE-2017-11552
RESERVED
CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows ...)
- TODO: check
+ - libid3tag <unfixed>
+ NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
CVE-2017-11550 (The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows ...)
- TODO: check
+ - libid3tag 0.15.1b-9 (bug #405801)
+ NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
+ NOTE: Addressed by the 11_unknown_encoding.dpatch patch
CVE-2017-11549 (The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote ...)
TODO: check
CVE-2017-11548 (The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 ...)
More information about the Secure-testing-commits
mailing list