[Secure-testing-commits] r57853 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Nov 20 15:08:38 UTC 2017


Author: carnil
Date: 2017-11-20 15:08:38 +0000 (Mon, 20 Nov 2017)
New Revision: 57853

Modified:
   data/CVE/list
Log:
Add proposed patch / pull request from agx, #876778

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-20 14:55:43 UTC (rev 57852)
+++ data/CVE/list	2017-11-20 15:08:38 UTC (rev 57853)
@@ -6597,6 +6597,7 @@
 CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
 	- libvorbis <unfixed> (bug #876778)
 	NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
+	NOTE: https://github.com/xiph/vorbis/pull/34
 CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...)
 	- libvorbis <unfixed> (bug #876779)
 	[jessie] - libvorbis <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list