[Secure-testing-commits] r49693 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 15 05:48:36 UTC 2017
Author: carnil
Date: 2017-03-15 05:48:36 +0000 (Wed, 15 Mar 2017)
New Revision: 49693
Modified:
data/CVE/list
Log:
Add CVE-2017-6827 and CVE-2017-6828
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-15 05:28:51 UTC (rev 49692)
+++ data/CVE/list 2017-03-15 05:48:36 UTC (rev 49693)
@@ -163,13 +163,21 @@
CVE-2017-6829
RESERVED
- audiofile <unfixed> (bug #857651)
+ NOTE: https://github.com/mpruett/audiofile/issues/33
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
NOTE: https://github.com/mpruett/audiofile/pull/43/commits/25eb00ce913452c2e614548d7df93070bf0d066f
- NOTE: https://github.com/mpruett/audiofile/issues/33
CVE-2017-6828
RESERVED
+ - audiofile <unfixed> (bug #857651)
+ NOTE: https://github.com/mpruett/audiofile/issues/31
+ NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
+ NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
CVE-2017-6827
RESERVED
+ - audiofile <unfixed> (bug #857651)
+ NOTE: https://github.com/mpruett/audiofile/issues/32
+ NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
+ NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
CVE-2016-10251 [use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)]
RESERVED
- jasper <removed>
More information about the Secure-testing-commits
mailing list