[Git][security-tracker-team/security-tracker][master] faad2: add upstream commit links

Hugo Lefeuvre hle at debian.org
Mon Aug 26 13:58:42 BST 2019



Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55754cb1 by Hugo Lefeuvre at 2019-08-26T12:55:57Z
faad2: add upstream commit links

My last pull request was merged, including fixes for CVE-2019-6956,
CVE-2018-20360 and CVE-2018-20199. See upstream bug report and PR for
more information.

Update dla-needed entry.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -25098,6 +25098,7 @@ CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAA
 	[stretch] - faad2 <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/faac/bugs/240/
 	NOTE: https://github.com/knik0/faad2/issues/39
+	NOTE: https://github.com/knik0/faad2/commit/6823e6610c9af1b0080cb22b9da03efb208d7d57
 CVE-2019-6955
 	RESERVED
 CVE-2019-6954
@@ -34414,6 +34415,7 @@ CVE-2018-20360 (An invalid memory address dereference was discovered in the sbr_
 	[buster] - faad2 <no-dsa> (Minor issue)
 	[stretch] - faad2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/knik0/faad2/issues/32
+	NOTE: https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
 CVE-2018-20359 (An invalid memory address dereference was discovered in the sbrDecodeS ...)
 	- faad2 2.8.8-2 (low)
 	[stretch] - faad2 <no-dsa> (Minor issue)
@@ -35018,6 +35020,7 @@ CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of lib
 	[buster] - faad2 <no-dsa> (Minor issue)
 	[stretch] - faad2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/knik0/faad2/issues/24
+	NOTE: https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
 CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of libfaad/f ...)
 	{DLA-1791-1}
 	- faad2 2.8.8-2 (low)


=====================================
data/dla-needed.txt
=====================================
@@ -32,8 +32,8 @@ djvulibre (Thorsten Alteholz)
 dnsmasq (Mike Gabriel)
 --
 faad2 (Hugo Lefeuvre)
-  NOTE: 20190823: Last PR pending review: https://github.com/knik0/faad2/pull/38
-  NOTE: Upload with last batch of patches will happen soon.
+  NOTE: 20190826: all patches have been merged upstream now, upload with last batch of patches
+  NOTE: will happen in shortly
 --
 freeimage
   NOTE: Maintainer will take care of the update.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55754cb140e6795174d96b18475999917111cbc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55754cb140e6795174d96b18475999917111cbc3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190826/139c04c7/attachment.html>


More information about the debian-security-tracker-commits mailing list