[Secure-testing-commits] r49693 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Mar 15 05:48:36 UTC 2017


Author: carnil
Date: 2017-03-15 05:48:36 +0000 (Wed, 15 Mar 2017)
New Revision: 49693

Modified:
   data/CVE/list
Log:
Add CVE-2017-6827 and CVE-2017-6828

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-15 05:28:51 UTC (rev 49692)
+++ data/CVE/list	2017-03-15 05:48:36 UTC (rev 49693)
@@ -163,13 +163,21 @@
 CVE-2017-6829
 	RESERVED
 	- audiofile <unfixed> (bug #857651)
+	NOTE: https://github.com/mpruett/audiofile/issues/33
 	NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
 	NOTE: https://github.com/mpruett/audiofile/pull/43/commits/25eb00ce913452c2e614548d7df93070bf0d066f
-	NOTE: https://github.com/mpruett/audiofile/issues/33
 CVE-2017-6828
 	RESERVED
+	- audiofile <unfixed> (bug #857651)
+	NOTE: https://github.com/mpruett/audiofile/issues/31
+	NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
+	NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2017-6827
 	RESERVED
+	- audiofile <unfixed> (bug #857651)
+	NOTE: https://github.com/mpruett/audiofile/issues/32
+	NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
+	NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
 CVE-2016-10251 [use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)]
 	RESERVED
 	- jasper <removed>




More information about the Secure-testing-commits mailing list