[Git][security-tracker-team/security-tracker][master] Reference fixes for CVE-2017-1755{4,5}/aubio

Salvatore Bonaccorso carnil at debian.org
Mon Aug 6 15:09:50 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
772ba825 by Salvatore Bonaccorso at 2018-08-06T14:09:20Z
Reference fixes for CVE-2017-1755{4,5}/aubio

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36946,6 +36946,7 @@ CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg ...)
 	[stretch] - aubio <no-dsa> (Minor issue)
 	[jessie] - aubio <no-dsa> (Minor issue)
 	[wheezy] - aubio <no-dsa> (Minor issue)
+	NOTE: Fixed by: https://github.com/aubio/aubio/commit/265fe9a2ca606f8b9ae4a110390f26c139c01ad7
 	NOTE: https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md
 	NOTE: aubio initializes libswresample with 2 channels and then passes data
 	NOTE: that contains just one channel. Not an issue in src:ffmpeg.
@@ -36955,6 +36956,7 @@ CVE-2017-17554 (A NULL pointer dereference (DoS) Vulnerability was found in the 
 	[stretch] - aubio <no-dsa> (Minor issue)
 	[jessie] - aubio <no-dsa> (Minor issue)
 	[wheezy] - aubio <no-dsa> (Minor issue)
+	NOTE: Fixed by: https://github.com/aubio/aubio/commit/a81b12a3b4174953b3bc7ef4c37103f4d5636740
 	NOTE: https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md
 	NOTE: https://github.com/aubio/aubio/issues/137
 CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/772ba825eb559732c749ec26b38b08d65b3581d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/772ba825eb559732c749ec26b38b08d65b3581d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180806/c7f9f9ea/attachment.html>

More information about the debian-security-tracker-commits mailing list