[Secure-testing-commits] r56400 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Oct 4 13:38:11 UTC 2017


Author: carnil
Date: 2017-10-04 13:38:11 +0000 (Wed, 04 Oct 2017)
New Revision: 56400

Modified:
   data/CVE/list
Log:
Add CVE-2017-15019

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-04 13:33:01 UTC (rev 56399)
+++ data/CVE/list	2017-10-04 13:38:11 UTC (rev 56400)
@@ -53,7 +53,8 @@
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22202
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
 CVE-2017-15019 (LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init ...)
-	TODO: check
+	- lame <unfixed>
+	NOTE: https://sourceforge.net/p/lame/bugs/477/
 CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a malformed ...)
 	TODO: check
 CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)




More information about the Secure-testing-commits mailing list