[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 as no-dsa

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03d46807 by Salvatore Bonaccorso at 2018-05-11T22:31:18+02:00
Mark CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1396,12 +1396,16 @@ CVE-2018-10394
 	RESERVED
 CVE-2018-10393 (bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a ...)
 	- libvorbis <unfixed> (bug #876780)
+	[stretch] - libvorbis <no-dsa> (Minor issue)
+	[jessie] - libvorbis <no-dsa> (Minor issue)
 	[wheezy] - libvorbis <ignored> (Minor issue)
 	NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2334
 	NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
 	NOTE: Same patch as for CVE-2017-14160
 CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not ...)
 	- libvorbis <unfixed> (bug #876780)
+	[stretch] - libvorbis <no-dsa> (Minor issue)
+	[jessie] - libvorbis <no-dsa> (Minor issue)
 	[wheezy] - libvorbis <ignored> (Minor issue)
 	NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335
 	NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
@@ -39085,8 +39089,8 @@ CVE-2017-14165 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/442/
 CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 ...)
 	- libvorbis <unfixed> (bug #876780)
-	[stretch] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
-	[jessie] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
+	[stretch] - libvorbis <no-dsa> (Minor issue)
+	[jessie] - libvorbis <no-dsa> (Minor issue)
 	[wheezy] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/2
 	NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/03d468072b27a489abe31f50a2450878f236d591

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/03d468072b27a489abe31f50a2450878f236d591
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180511/6c7c1600/attachment.html>