[Secure-testing-commits] r51252 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 2 04:16:42 UTC 2017
Author: carnil
Date: 2017-05-02 04:16:42 +0000 (Tue, 02 May 2017)
New Revision: 51252
Modified:
data/CVE/list
Log:
Mark libmad as undetermined
Please add add explanation in case not-affected. Not able to reproduce
with a reproducer is not enough to determine 'not-affected.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-02 04:16:10 UTC (rev 51251)
+++ data/CVE/list 2017-05-02 04:16:42 UTC (rev 51252)
@@ -62,9 +62,9 @@
CVE-2017-8373 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b ...)
- libmad <unfixed>
CVE-2017-8372 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, ...)
- - libmad <not-affected>
+ - libmad <undetermined>
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-assertion-failure-in-layer3-c/
- NOTE: No assertion failure with reproducer
+ NOTE: No assertion failure with reproducer, if fails when built with debug then unimportant
CVE-2017-8371 (Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses ...)
NOT-FOR-US: Schneider Electric
CVE-2017-8370
More information about the Secure-testing-commits
mailing list