[Git][security-tracker-team/security-tracker][master] Add liblivemedia entry to dla-needed

Thu Oct 25 11:33:20 BST 2018

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e1b16a60 by Hugo Lefeuvre at 2018-10-25T10:32:18Z
Add liblivemedia entry to dla-needed

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -40,6 +40,10 @@ libav (Hugo Lefeuvre)
   NOTE: 20180529: Help is welcome, feel free to mail Hugo. Still up-to-date. Help needed for CVE triage and patch development.
   NOTE: 20180529: Just contacted some of the CVE reporters to ask for the reproducers, CC-ed team ML.
 --
+liblivemedia (Hugo Lefeuvre)
+  NOTE: CVE entry says remote: "no", but it looks like a pretty exploitable remote vulnerability
+  NOTE: (remote code execution)... CVE is very well documented so I think this is worth a patch
+--
 libspring-java (Abhijith PA)
   NOTE: 20181025: uses internal system & id to handle security issues, thus very hard chase all relevant commits. Contacted 
   NOTE: 20181025: upstream but they couldn't help either. Only way left is to mark remaining vulnerabilities as no-dsa. 



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e1b16a605da987a028ab06066102962ac006965a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e1b16a605da987a028ab06066102962ac006965a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181025/e1ce36bb/attachment-0001.html>
