[Secure-testing-commits] r54211 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Aug 2 21:09:59 UTC 2017 

Author: jmm
Date: 2017-08-02 21:09:59 +0000 (Wed, 02 Aug 2017)
New Revision: 54211

Modified:
   data/CVE/list
Log:
timidity unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-02 20:54:24 UTC (rev 54210)
+++ data/CVE/list	2017-08-02 21:09:59 UTC (rev 54211)
@@ -1606,26 +1606,20 @@
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
 	NOTE: Addressed by the 11_unknown_encoding.dpatch patch
 CVE-2017-11549 (The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote ...)
-	- timidity <unfixed> (bug #870338)
-	[stretch] - timidity <no-dsa> (Minor issue)
-	[jessie] - timidity <no-dsa> (Minor issue)
-	[wheezy] - timidity <no-dsa> (Minor issue)
+	- timidity <unfixed> (unimportant; bug #870338)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
+	NOTE: Crash in CLI tool, no security impact
 CVE-2017-11548 (The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 ...)
 	- libao <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/84
 CVE-2017-11547 (The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows ...)
-	- timidity <unfixed> (bug #870338)
-	[stretch] - timidity <no-dsa> (Minor issue)
-	[jessie] - timidity <no-dsa> (Minor issue)
-	[wheezy] - timidity <no-dsa> (Minor issue)
+	- timidity <unfixed> (unimportant; bug #870338)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
+	NOTE: Crash in CLI tool, no security impact
 CVE-2017-11546 (The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 ...)
-	- timidity <unfixed> (bug #870338)
-	[stretch] - timidity <no-dsa> (Minor issue)
-	[jessie] - timidity <no-dsa> (Minor issue)
-	[wheezy] - timidity <no-dsa> (Minor issue)
+	- timidity <unfixed> (unimportant; bug #870338)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
+	NOTE: Crash in CLI tool, no security impact
 CVE-2017-11545 (tcpdump 4.9.0 has a Segmentation Violation in the compressed_sl_print ...)
 	- tcpdump <unfixed>
 	NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/segv/print-sl

More information about the Secure-testing-commits mailing list