[Secure-testing-commits] r55312 - data

Hugo Lefeuvre hle at moszumanska.debian.org
Thu Aug 31 12:15:48 UTC 2017


Author: hle
Date: 2017-08-31 12:15:47 +0000 (Thu, 31 Aug 2017)
New Revision: 55312

Modified:
   data/dla-needed.txt
Log:
Update lame entry in dla-needed.

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-08-31 11:26:59 UTC (rev 55311)
+++ data/dla-needed.txt	2017-08-31 12:15:47 UTC (rev 55312)
@@ -80,9 +80,11 @@
   NOTE: 20170813: still no patch available yet
 --
 lame (Hugo Lefeuvre)
-  NOTE: 20170824: no patch yet, CVE-2017-{69-72} not reproducible.
+  NOTE: 20170831: no patch yet, CVE-2017-{69-72} not reproducible.
   NOTE: Contacted original reporter to get more informations about build conditions:
   NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
+  NOTE: Opened bug reports on upstream's bug tracker: https://sourceforge.net/p/lame/bugs/475/
+  NOTE: Patch is available for CVE-2017-13712, but wait for more infos about CVE-2017-{69-72}
 --
 libav
   NOTE: Diego Biurrun (from the libav team) is working on patches.




More information about the Secure-testing-commits mailing list