[Secure-testing-commits] r51231 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 1 11:37:27 UTC 2017
Author: carnil
Date: 2017-05-01 11:37:26 +0000 (Mon, 01 May 2017)
New Revision: 51231
Modified:
data/CVE/list
Log:
Add three more libsndfile issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-01 11:28:18 UTC (rev 51230)
+++ data/CVE/list 2017-05-01 11:37:26 UTC (rev 51231)
@@ -49,11 +49,21 @@
- rzip <unfixed>
NOTE: https://blogs.gentoo.org/ago/2017/04/29/rzip-heap-based-buffer-overflow-in-read_buf-stream-c/
CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
+ NOTE: https://github.com/erikd/libsndfile/issues/233
+ NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
+ NOTE: https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8
CVE-2017-8362 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
+ NOTE: https://github.com/erikd/libsndfile/issues/231
+ NOTE: https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
CVE-2017-8361 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
+ NOTE: https://github.com/erikd/libsndfile/issues/232
+ NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
CVE-2017-8360
RESERVED
CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused by a ...)
More information about the Secure-testing-commits
mailing list