[Secure-testing-commits] r54643 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 11 20:20:49 UTC 2017
Author: carnil
Date: 2017-08-11 20:20:49 +0000 (Fri, 11 Aug 2017)
New Revision: 54643
Modified:
data/CVE/list
Log:
Update CVE-2017-0641/libvpx
Note for reviewes: someone with more knowledge of libvpx should still
properly evaluate this CVE.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-11 19:59:13 UTC (rev 54642)
+++ data/CVE/list 2017-08-11 20:20:49 UTC (rev 54643)
@@ -33898,8 +33898,9 @@
CVE-2017-0642 (A remote denial of service vulnerability in libhevc in Mediaserver ...)
NOT-FOR-US: Android Mediaserver
CVE-2017-0641 (A remote denial of service vulnerability in libvpx in Mediaserver ...)
- - libvpx <undetermined>
- TODO: check
+ - libvpx <unfixed>
+ NOTE: https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb
+ NOTE: Debian builds configures with --size-limit=16384x16384
CVE-2017-0640 (A remote denial of service vulnerability in Mediaserver could enable ...)
NOT-FOR-US: Android Mediaserver
CVE-2017-0639 (An information disclosure vulnerability in Bluetooth component could ...)
More information about the Secure-testing-commits
mailing list