[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-1000418/wildmidi
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 6 22:50:05 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3e154965 by Salvatore Bonaccorso at 2018-01-06T23:28:36+01:00
Add CVE-2017-1000418/wildmidi
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3105,7 +3105,9 @@ CVE-2017-1000420 (Syncthing version 0.14.33 and older is vulnerable to symlink t
CVE-2017-1000419 (phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar ...)
- phpbb3 <removed>
CVE-2017-1000418 (The WildMidi_Open function in WildMIDI since commit ...)
- TODO: check
+ - wildmidi <unfixed>
+ NOTE: https://github.com/Mindwerks/wildmidi/issues/178
+ NOTE: https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
CVE-2017-1000413 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ...)
TODO: check
CVE-2017-1000412 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3e154965b2103efc76db895f598ffc6ee0ce3b66
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3e154965b2103efc76db895f598ffc6ee0ce3b66
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180106/98c0d63f/attachment.html>
More information about the Secure-testing-commits
mailing list