[Secure-testing-commits] r55312 - data
Hugo Lefeuvre
hle at moszumanska.debian.org
Thu Aug 31 12:15:48 UTC 2017
Author: hle
Date: 2017-08-31 12:15:47 +0000 (Thu, 31 Aug 2017)
New Revision: 55312
Modified:
data/dla-needed.txt
Log:
Update lame entry in dla-needed.
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-08-31 11:26:59 UTC (rev 55311)
+++ data/dla-needed.txt 2017-08-31 12:15:47 UTC (rev 55312)
@@ -80,9 +80,11 @@
NOTE: 20170813: still no patch available yet
--
lame (Hugo Lefeuvre)
- NOTE: 20170824: no patch yet, CVE-2017-{69-72} not reproducible.
+ NOTE: 20170831: no patch yet, CVE-2017-{69-72} not reproducible.
NOTE: Contacted original reporter to get more informations about build conditions:
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
+ NOTE: Opened bug reports on upstream's bug tracker: https://sourceforge.net/p/lame/bugs/475/
+ NOTE: Patch is available for CVE-2017-13712, but wait for more infos about CVE-2017-{69-72}
--
libav
NOTE: Diego Biurrun (from the libav team) is working on patches.
More information about the Secure-testing-commits
mailing list