[Secure-testing-commits] r54455 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 8 20:56:59 UTC 2017
Author: carnil
Date: 2017-08-08 20:56:59 +0000 (Tue, 08 Aug 2017)
New Revision: 54455
Modified:
data/CVE/list
Log:
Update status for CVE-2017-11720
The reproducer is in meanwhile open, and indeed this is a duplicate of
the #777159 bug, and as well of the bug reported by Agostino Sarubbo
from Gentoo.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-08 20:45:03 UTC (rev 54454)
+++ data/CVE/list 2017-08-08 20:56:59 UTC (rev 54455)
@@ -2190,9 +2190,8 @@
NOTE: https://github.com/iortcw/iortcw/commit/260c39a29af517a08b3ee1a0e78ad654bdd70934
NOTE: Also affects openjk (only in experimental; fixed in 0~20170718+dfsg1-2
CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...)
- - lame <unfixed> (low; bug #870809)
- [stretch] - lame <no-dsa> (Minor issue)
- [jessie] - lame <no-dsa> (Minor issue)
+ - lame 3.99.5+repack1-6 (low; bug #870809; bug #777159)
+ [wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: https://sourceforge.net/p/lame/bugs/460/
NOTE: Duplicate/same as: https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/
CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg ...)
More information about the Secure-testing-commits
mailing list