[Secure-testing-commits] r54085 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Sun Jul 30 18:05:57 UTC 2017


Author: fgeek-guest
Date: 2017-07-30 18:05:57 +0000 (Sun, 30 Jul 2017)
New Revision: 54085

Modified:
   data/CVE/list
Log:
lame issues possible duplicates

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-30 17:54:05 UTC (rev 54084)
+++ data/CVE/list	2017-07-30 18:05:57 UTC (rev 54085)
@@ -6256,14 +6256,17 @@
 	- lame <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
 	NOTE: https://sourceforge.net/p/lame/bugs/463/
+	NOTE: Invalid read in command line tool so no CVE is needed. MITRE contacted by ago at gentoo
 CVE-2017-9411 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
 	- lame <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
 	NOTE: https://sourceforge.net/p/lame/bugs/462/
+	NOTE: Possible duplicate of CVE-2015-9100
 CVE-2017-9410 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
 	- lame <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
 	NOTE: https://sourceforge.net/p/lame/bugs/461/
+	NOTE: Possible duplicate of CVE-2015-9101
 CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows ...)
 	{DLA-1000-1}
 	- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864090)




More information about the Secure-testing-commits mailing list