[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Status for CVE-2017-11552 clarified with MITRE
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 8 09:14:55 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a566dd56 by Salvatore Bonaccorso at 2018-01-08T10:14:36+01:00
Status for CVE-2017-11552 clarified with MITRE
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -29902,11 +29902,13 @@ CVE-2017-11553 (There is an illegal address access in the extend_alias_table fun
NOTE: Not reproducible in wheezy/jessie/stretch.
NOTE: Reproducible with 0.26-1 (experimental).
CVE-2017-11552 (mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use ...)
- - libmad <unfixed> (unimportant; bug #870406)
- NOTE: Futher analysis has shown that the underlying issue is in src:mpg321
+ - mpg321 <unfixed> (bug #870406)
+ [stretch] - mpg321 <no-dsa> (Minor issue)
+ [jessie] - mpg321 <no-dsa> (Minor issue)
+ [wheezy] - mpg321 <no-dsa> (Minor issue)
+ NOTE: CVE was originally assigned for libmad, but further analysis has shown
+ NOTE: that the underlying issue is in src:mpg321
NOTE: Cf. https://bugs.debian.org/870406#25 for more Details.
- NOTE: MITRE associates the CVE with libmad, thus mark as unimportant for
- NOTE: libmad to indicate the non-issue.
NOTE: http://seclists.org/fulldisclosure/2017/Jul/94
CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows ...)
- libid3tag 0.15.1b-5 (bug #870333)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a566dd5625c2fdce148fa847fe116a409caf7151
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a566dd5625c2fdce148fa847fe116a409caf7151
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180108/4ccb183a/attachment.html>
More information about the Secure-testing-commits
mailing list