[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update
Salvatore Bonaccorso
carnil at debian.org
Wed Dec 26 08:24:26 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
713149b2 by Salvatore Bonaccorso at 2018-12-26T08:23:59Z
Remove no-dsa tagged entries which got an update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59129,7 +59129,6 @@ CVE-2017-1002101 (In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to
CVE-2017-17457 (The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead ...)
- libsndfile <unfixed> (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
- [jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
@@ -59137,7 +59136,6 @@ CVE-2017-17457 (The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 m
CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead ...)
- libsndfile <unfixed> (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
- [jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
@@ -70745,7 +70743,6 @@ CVE-2017-14650 (A Remote Code Execution vulnerability has been found in the Hord
CVE-2017-14634 (In libsndfile 1.0.28, a divide-by-zero error exists in the function ...)
- libsndfile <unfixed> (bug #876783)
[stretch] - libsndfile <no-dsa> (Minor issue)
- [jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/318
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
@@ -71910,14 +71907,12 @@ CVE-2017-14247 (SQL Injection exists in the EyesOfNetwork web interface (aka eon
CVE-2017-14246 (An out of bounds read in the function d2ulaw_array() in ulaw.c of ...)
- libsndfile <unfixed> (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
- [jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
CVE-2017-14245 (An out of bounds read in the function d2alaw_array() in alaw.c of ...)
- libsndfile <unfixed> (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
- [jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
@@ -89582,7 +89577,6 @@ CVE-2017-8366 (The strescape function in ec_strings.c in Ettercap 0.8.2 allows r
CVE-2017-8365 (The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote ...)
{DLA-956-1}
- libsndfile 1.0.27-3 (bug #862202)
- [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
NOTE: https://github.com/erikd/libsndfile/issues/230
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
@@ -89595,7 +89589,6 @@ CVE-2017-8364 (The read_buf function in stream.c in rzip 2.1 allows remote attac
CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
{DLA-956-1}
- libsndfile 1.0.27-3 (bug #862203)
- [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/233
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
@@ -89603,14 +89596,12 @@ CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allo
CVE-2017-8362 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
{DLA-956-1}
- libsndfile 1.0.27-3 (bug #862204)
- [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/231
NOTE: https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
CVE-2017-8361 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
{DLA-956-1}
- libsndfile 1.0.27-3 (bug #862205)
- [jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/232
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/713149b2d3058b214cb36e378186eedb67be7b28
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/713149b2d3058b214cb36e378186eedb67be7b28
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181226/1ed55d3c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list