[Secure-testing-commits] r54169 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 1 09:07:56 UTC 2017
Author: carnil
Date: 2017-08-01 09:07:56 +0000 (Tue, 01 Aug 2017)
New Revision: 54169
Modified:
data/CVE/list
Log:
Add bug references for libvorbis CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-01 09:06:47 UTC (rev 54168)
+++ data/CVE/list 2017-08-01 09:07:56 UTC (rev 54169)
@@ -108,7 +108,7 @@
CVE-2017-11736 (SQL injection vulnerability in ...)
NOT-FOR-US: BigTree CMS
CVE-2017-11735 (The vorbis_block_clear function in lib/block.c in Xiph.Org libvorbis ...)
- - libvorbis <unfixed>
+ - libvorbis <unfixed> (bug #870342)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
CVE-2017-11734 (A heap-based buffer over-read was found in the function ...)
- ming <removed>
@@ -1304,7 +1304,7 @@
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...)
- - libvorbis <unfixed>
+ - libvorbis <unfixed> (bug #870341)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
- sox <unfixed> (bug #870328)
More information about the Secure-testing-commits
mailing list