[Secure-testing-commits] r54500 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 9 23:08:09 UTC 2017
Author: jmm
Date: 2017-08-09 23:08:09 +0000 (Wed, 09 Aug 2017)
New Revision: 54500
Modified:
data/CVE/list
Log:
libvorbis no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-09 23:02:04 UTC (rev 54499)
+++ data/CVE/list 2017-08-09 23:08:09 UTC (rev 54500)
@@ -2330,7 +2330,9 @@
CVE-2017-11736 (SQL injection vulnerability in ...)
NOT-FOR-US: BigTree CMS
CVE-2017-11735 (The vorbis_block_clear function in lib/block.c in Xiph.Org libvorbis ...)
- - libvorbis <unfixed> (bug #870342)
+ - libvorbis <unfixed> (low; bug #870342)
+ [stretch] - libvorbis <no-dsa> (Minor issue)
+ [jessie] - libvorbis <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
CVE-2017-11734 (A heap-based buffer over-read was found in the function ...)
- ming <removed>
@@ -3558,7 +3560,9 @@
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...)
- - libvorbis <unfixed> (bug #870341)
+ - libvorbis <unfixed> (low; bug #870341)
+ [stretch] - libvorbis <no-dsa> (Minor issue)
+ [jessie] - libvorbis <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
- sox <unfixed> (bug #870328)
More information about the Secure-testing-commits
mailing list