[Secure-testing-commits] r56135 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Sep 25 19:53:44 UTC 2017
Author: carnil
Date: 2017-09-25 19:53:44 +0000 (Mon, 25 Sep 2017)
New Revision: 56135
Modified:
data/CVE/list
Log:
Add bug reports with references to upstream issue for two libvorbis issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-25 17:11:00 UTC (rev 56134)
+++ data/CVE/list 2017-09-25 19:53:44 UTC (rev 56135)
@@ -229,10 +229,10 @@
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/318
CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
- - libvorbis <unfixed>
+ - libvorbis <unfixed> (bug #876778)
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...)
- - libvorbis <unfixed>
+ - libvorbis <unfixed> (bug #876779)
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
- sam2p <removed> (bug #876744)
More information about the Secure-testing-commits
mailing list