[Secure-testing-commits] r56706 - in data: . CVE
Ola Lundqvist
opal at moszumanska.debian.org
Sat Oct 14 17:53:35 UTC 2017
Author: opal
Date: 2017-10-14 17:53:35 +0000 (Sat, 14 Oct 2017)
New Revision: 56706
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Triaging.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-14 17:32:02 UTC (rev 56705)
+++ data/CVE/list 2017-10-14 17:53:35 UTC (rev 56706)
@@ -338,6 +338,7 @@
RESERVED
CVE-2017-15185 (plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis ...)
- mp3splt 2.6.2+20170630-2
+ [wheezy] - mp3splt <not-affected> (Vulnerable code does not exist)
NOTE: https://anonscm.debian.org/cgit/users/ron/mp3splt.git/commit/?id=18f018cd774cb931116ce06a520dc0c5f9443932
CVE-2017-15184
RESERVED
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-10-14 17:32:02 UTC (rev 56705)
+++ data/dla-needed.txt 2017-10-14 17:53:35 UTC (rev 56706)
@@ -43,6 +43,8 @@
--
icedove
--
+jasperreports
+--
lame (Hugo Lefeuvre)
NOTE: Couldn't reproduce CVE-2017-{69-72}. Wait for next upstream release 3.100 ?
NOTE: https://lists.debian.org/debian-lts/2017/09/msg00082.html
@@ -52,6 +54,8 @@
NOTE: undetermined issues are currently being triaged (Diego Biurrun and Hugo Lefeuvre
NOTE: have access to the original reproducers)
--
+liblouis
+--
libofx (Thorsten Alteholz)
--
libreoffice (Emilio Pozuelo)
More information about the Secure-testing-commits
mailing list