[Secure-testing-commits] r56129 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Mon Sep 25 13:56:32 UTC 2017
Author: agx
Date: 2017-09-25 13:56:31 +0000 (Mon, 25 Sep 2017)
New Revision: 56129
Modified:
data/CVE/list
Log:
sam2p: add debian bug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-25 12:46:09 UTC (rev 56128)
+++ data/CVE/list 2017-09-25 13:56:31 UTC (rev 56129)
@@ -204,10 +204,11 @@
CVE-2017-14638 (AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in ...)
NOT-FOR-US: Bento4
CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
+
NOTE: https://github.com/pts/sam2p/issues/14 (bug 5)
CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop executes ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...)
- otrs2 <unfixed> (bug #876462)
@@ -231,16 +232,16 @@
- libvorbis <unfixed>
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
NOTE: https://github.com/pts/sam2p/issues/14 (bug 1)
CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
NOTE: https://github.com/pts/sam2p/issues/14 (bug 6)
CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
NOTE: https://github.com/pts/sam2p/issues/14 (bug 3)
CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the ...)
- - sam2p <removed>
+ - sam2p <removed> (bug #876744)
NOTE: https://github.com/pts/sam2p/issues/14 (bug 2)
CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...)
NOT-FOR-US: CyberLink LabelPrint
More information about the Secure-testing-commits
mailing list