[Secure-testing-commits] r57863 - data
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 20 19:53:19 UTC 2017
Author: carnil
Date: 2017-11-20 19:53:19 +0000 (Mon, 20 Nov 2017)
New Revision: 57863
Modified:
data/dla-needed.txt
Log:
Expand note for sox's missing error checking when encoding vorbis
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-11-20 19:39:00 UTC (rev 57862)
+++ data/dla-needed.txt 2017-11-20 19:53:19 UTC (rev 57863)
@@ -110,7 +110,9 @@
NOTE: > 12% of sponsors use sox hence I have decided to add it here.
NOTE: https://sourceforge.net/p/sox/bugs/296/
NOTE: 2017-09-01: pinged upstream (Markus)
- NOTE: please check https://bugs.debian.org/870341 too
+ NOTE: please check https://bugs.debian.org/882236 too (but please note that
+ NOTE: the CVE is specifically assigned for libvorbis, so do not reuse the
+ NOTE: CVE when applying the fix)
--
suricata
NOTE: 2017-10-27: At a quick glance, I can't see that this is vulnerable. --lamby
More information about the Secure-testing-commits
mailing list