[Git][security-tracker-team/security-tracker][master] CVE-2017-{15642,15370,18189,15372}: add commit links

Hugo Lefeuvre hle at debian.org
Thu Feb 28 09:43:30 GMT 2019 

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e68a8360 by Hugo Lefeuvre at 2019-02-28T09:43:03Z
CVE-2017-{15642,15370,18189,15372}: add commit links

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -56592,7 +56592,7 @@ CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) throug
 	{DLA-1197-1}
 	- sox 14.4.2-2 (bug #881121)
 	[stretch] - sox <no-dsa> (Minor issue)
-	NOTE: https://public-inbox.org/sox-devel/20171109114554.16297-1-mans@mansr.com/raw
+	NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
 CVE-2018-7049 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
 	NOT-FOR-US: Wowza Streaming Engine
 CVE-2018-7048 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
@@ -82016,6 +82016,7 @@ CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, t
 	- sox 14.4.2-2 (bug #882144)
 	[stretch] - sox <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/sox/bugs/298/
+	NOTE: https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2
 CVE-2017-15641
 	RESERVED
 CVE-2017-15640 (app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip ...)
@@ -82789,6 +82790,7 @@ CVE-2017-15372 (There is a stack-based buffer overflow in the ...)
 	- sox 14.4.2-2 (bug #878808)
 	[stretch] - sox <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553
+	NOTE: https://github.com/mansr/sox/commit/001c337552912d286ba68086ac378f6fdc1e8b50
 CVE-2017-15371 (There is a reachable assertion abort in the function ...)
 	{DLA-1197-1}
 	- sox 14.4.2-2 (bug #878809)
@@ -82799,6 +82801,7 @@ CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function
 	- sox 14.4.2-2 (bug #878810)
 	[stretch] - sox <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
+	NOTE: https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e
 CVE-2017-15369 (The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF ...)
 	- mupdf <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e68a8360dae69ef1c72144108f105fd3a1aed06b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e68a8360dae69ef1c72144108f105fd3a1aed06b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190228/60957bf5/attachment.html>

More information about the debian-security-tracker-commits mailing list