[Secure-testing-commits] r55965 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Sep 21 09:31:37 UTC 2017
Author: carnil
Date: 2017-09-21 09:31:37 +0000 (Thu, 21 Sep 2017)
New Revision: 55965
Modified:
data/CVE/list
Log:
Add two new libvorbis issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-21 09:28:40 UTC (rev 55964)
+++ data/CVE/list 2017-09-21 09:31:37 UTC (rev 55965)
@@ -2,9 +2,11 @@
- libsndfile <unfixed>
NOTE: https://github.com/erikd/libsndfile/issues/318
CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
- TODO: check
+ - libvorbis <unfixed>
+ NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...)
- TODO: check
+ - libvorbis <unfixed>
+ NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/14
More information about the Secure-testing-commits
mailing list