[Secure-testing-commits] r52988 - data/CVE

Wed Jun 28 17:20:50 UTC 2017

Author: carnil
Date: 2017-06-28 17:20:50 +0000 (Wed, 28 Jun 2017)
New Revision: 52988

Modified:
   data/CVE/list
Log:
Add source package name for CVE-2017-98{69,70,71,72}

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-06-28 17:07:41 UTC (rev 52987)
+++ data/CVE/list	2017-06-28 17:20:50 UTC (rev 52988)
@@ -295,13 +295,17 @@
 CVE-2017-9873
 	RESERVED
 CVE-2017-9872 (The III_dequantize_sample function in layer3.c in mpglib, as used in ...)
-	TODO: check
+	- lame <undetermined>
+	NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/
 CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
-	TODO: check
+	- lame <undetermined>
+	NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
 CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
-	TODO: check
+	- lame <undetermined>
+	NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/
 CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in ...)
-	TODO: check
+	- lame <undetermined>
+	NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/
 CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...)
 	- mosquitto <unfixed> (bug #865959)
 	NOTE: https://github.com/eclipse/mosquitto/issues/468


