[Secure-testing-commits] r54198 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Wed Aug 2 12:06:51 UTC 2017
Author: apo
Date: 2017-08-02 12:06:51 +0000 (Wed, 02 Aug 2017)
New Revision: 54198
Modified:
data/CVE/list
Log:
Add link to upstream bug report for sox issues.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-02 11:53:09 UTC (rev 54197)
+++ data/CVE/list 2017-08-02 12:06:51 UTC (rev 54198)
@@ -2108,11 +2108,13 @@
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
+ NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...)
- sox <unfixed> (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
+ NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
CVE-2017-11357
RESERVED
CVE-2017-11356
@@ -2224,6 +2226,7 @@
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
+ NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
CVE-2017-11331 (The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ...)
- vorbis-tools <unfixed> (unimportant)
NOTE: The issue is "covered" by the fix applied in 0016-oggenc-validate-count-of-channels-in-the-header-CVE-.patch
More information about the Secure-testing-commits
mailing list