[Git][security-tracker-team/security-tracker][master] faad2: add upstream commit links
Hugo Lefeuvre
hle at debian.org
Mon Aug 26 13:58:42 BST 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55754cb1 by Hugo Lefeuvre at 2019-08-26T12:55:57Z
faad2: add upstream commit links
My last pull request was merged, including fixes for CVE-2019-6956,
CVE-2018-20360 and CVE-2018-20199. See upstream bug report and PR for
more information.
Update dla-needed entry.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -25098,6 +25098,7 @@ CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAA
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/faac/bugs/240/
NOTE: https://github.com/knik0/faad2/issues/39
+ NOTE: https://github.com/knik0/faad2/commit/6823e6610c9af1b0080cb22b9da03efb208d7d57
CVE-2019-6955
RESERVED
CVE-2019-6954
@@ -34414,6 +34415,7 @@ CVE-2018-20360 (An invalid memory address dereference was discovered in the sbr_
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/32
+ NOTE: https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
CVE-2018-20359 (An invalid memory address dereference was discovered in the sbrDecodeS ...)
- faad2 2.8.8-2 (low)
[stretch] - faad2 <no-dsa> (Minor issue)
@@ -35018,6 +35020,7 @@ CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of lib
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/24
+ NOTE: https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of libfaad/f ...)
{DLA-1791-1}
- faad2 2.8.8-2 (low)
=====================================
data/dla-needed.txt
=====================================
@@ -32,8 +32,8 @@ djvulibre (Thorsten Alteholz)
dnsmasq (Mike Gabriel)
--
faad2 (Hugo Lefeuvre)
- NOTE: 20190823: Last PR pending review: https://github.com/knik0/faad2/pull/38
- NOTE: Upload with last batch of patches will happen soon.
+ NOTE: 20190826: all patches have been merged upstream now, upload with last batch of patches
+ NOTE: will happen in shortly
--
freeimage
NOTE: Maintainer will take care of the update.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55754cb140e6795174d96b18475999917111cbc3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55754cb140e6795174d96b18475999917111cbc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190826/139c04c7/attachment.html>
More information about the debian-security-tracker-commits
mailing list