[Secure-testing-commits] r58018 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Nov 25 13:59:20 UTC 2017 

Author: carnil
Date: 2017-11-25 13:59:20 +0000 (Sat, 25 Nov 2017)
New Revision: 58018

Modified:
   data/CVE/list
Log:
Sox uploaded to unstable, fixes included from experimental

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-25 13:45:06 UTC (rev 58017)
+++ data/CVE/list	2017-11-25 13:59:20 UTC (rev 58018)
@@ -4598,14 +4598,12 @@
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553
 CVE-2017-15371 (There is a reachable assertion abort in the function ...)
-	[experimental] - sox 14.4.2-1
-	- sox <unfixed> (bug #878809)
+	- sox 14.4.2-2 (bug #878809)
 	[stretch] - sox <no-dsa> (Minor issue)
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500570
 CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function of ...)
-	[experimental] - sox 14.4.2-1
-	- sox <unfixed> (bug #878810)
+	- sox 14.4.2-2 (bug #878810)
 	[stretch] - sox <no-dsa> (Minor issue)
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
@@ -16364,15 +16362,13 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
 CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
-	[experimental] - sox 14.4.2-1
-	- sox <unfixed> (bug #870328)
+	- sox 14.4.2-2 (bug #870328)
 	[stretch] - sox <no-dsa> (Minor issue)
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
 	NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
 CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...)
-	[experimental] - sox 14.4.2-1
-	- sox <unfixed> (bug #870328)
+	- sox 14.4.2-2 (bug #870328)
 	[stretch] - sox <no-dsa> (Minor issue)
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
@@ -16504,8 +16500,7 @@
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
 	NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332
 CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
-	[experimental] - sox 14.4.2-1
-	- sox <unfixed> (bug #870328)
+	- sox 14.4.2-2 (bug #870328)
 	[stretch] - sox <no-dsa> (Minor issue)
 	[jessie] - sox <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/81

More information about the Secure-testing-commits mailing list