[Secure-testing-commits] r51257 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 2 04:57:32 UTC 2017
Author: carnil
Date: 2017-05-02 04:57:32 +0000 (Tue, 02 May 2017)
New Revision: 51257
Modified:
data/CVE/list
Log:
Triage libmad issues, fixed in 0.15.1b-4 for Debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-02 04:50:18 UTC (rev 51256)
+++ data/CVE/list 2017-05-02 04:57:32 UTC (rev 51257)
@@ -64,14 +64,15 @@
CVE-2017-8375
RESERVED
CVE-2017-8374 (The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b ...)
- - libmad <unfixed>
+ - libmad 0.15.1b-4
+ NOTE: Addressed by patch from #508133
CVE-2017-8373 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b ...)
- - libmad <unfixed>
+ - libmad 0.15.1b-4
+ NOTE: Addressed by patch from #508133
CVE-2017-8372 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, ...)
- - libmad <undetermined>
+ - libmad 0.15.1b-4 (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-assertion-failure-in-layer3-c/
- NOTE: No assertion failure with reproducer, if fails when built with debug then unimportant
- TODO: likely fixed 0.15.1b-4 in via the patch for #508133
+ NOTE: Addressed by patch from #508133
CVE-2017-8371 (Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses ...)
NOT-FOR-US: Schneider Electric
CVE-2017-8370
More information about the Secure-testing-commits
mailing list