[Secure-testing-commits] r56286 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Sat Sep 30 16:35:41 UTC 2017
Author: agx
Date: 2017-09-30 16:35:41 +0000 (Sat, 30 Sep 2017)
New Revision: 56286
Modified:
data/CVE/list
Log:
Forwarded libvorbis issue upstream
(still reproduces in current git)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-30 16:34:56 UTC (rev 56285)
+++ data/CVE/list 2017-09-30 16:35:41 UTC (rev 56286)
@@ -8708,6 +8708,7 @@
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
+ NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2331
CVE-2017-11734 (A heap-based buffer over-read was found in the function ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/83
@@ -10080,6 +10081,7 @@
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
+ NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332
CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
- sox <unfixed> (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list