[Git][security-tracker-team/security-tracker][master] zziplib, audiofile bugs

Moritz Muehlenhoff jmm at debian.org
Wed Nov 7 19:05:46 GMT 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8c55047 by Moritz Muehlenhoff at 2018-11-07T19:05:21Z
zziplib, audiofile bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4774,7 +4774,7 @@ CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error ex
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699708
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
 CVE-2018-17095 (An issue has been discovered in mpruett Audio File Library (aka ...)
-	- audiofile <unfixed>
+	- audiofile <unfixed> (low; bug #913166)
 	[stretch] - audiofile <no-dsa> (Minor issue)
 	[jessie] - audiofile <postponed> (Can be fixed along in future DLA)
 	NOTE: https://github.com/mpruett/audiofile/issues/50
@@ -28920,21 +28920,21 @@ CVE-2018-7728 (An issue was discovered in Exempi through 2.4.4. ...)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105205
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=e163667a06a9b656a047b0ec660b871f29a83c9f
 CVE-2018-7727 (An issue was discovered in ZZIPlib 0.13.68. There is a memory leak ...)
-	- zziplib <unfixed> (low)
+	- zziplib <unfixed> (low; bug #913165)
 	[stretch] - zziplib <no-dsa> (Minor issue)
 	[jessie] - zziplib <no-dsa> (Minor issue)
 	[wheezy] - zziplib <no-dsa> (Minor issue)
 	NOTE: https://github.com/gdraheim/zziplib/issues/40
 	NOTE: https://github.com/gdraheim/zziplib/commit/83a2da55922f67e07f22048ac9671a44cc0d35c4
 CVE-2018-7726 (An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused ...)
-	- zziplib <unfixed> (low)
+	- zziplib <unfixed> (low; bug #913165)
 	[stretch] - zziplib <no-dsa> (Minor issue)
 	[jessie] - zziplib <no-dsa> (Minor issue)
 	[wheezy] - zziplib <no-dsa> (Minor issue)
 	NOTE: https://github.com/gdraheim/zziplib/issues/41
 	NOTE: https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b
 CVE-2018-7725 (An issue was discovered in ZZIPlib 0.13.68. An invalid memory address ...)
-	- zziplib <unfixed> (low)
+	- zziplib <unfixed> (low; bug #913165)
 	[stretch] - zziplib <no-dsa> (Minor issue)
 	[jessie] - zziplib <no-dsa> (Minor issue)
 	[wheezy] - zziplib <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8c550472b04391be4c092c6c9a0ea884ffe70df

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8c550472b04391be4c092c6c9a0ea884ffe70df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181107/8de79a22/attachment.html>


More information about the debian-security-tracker-commits mailing list