[Git][security-tracker-team/security-tracker][master] libebml commits

Moritz Muehlenhoff jmm at debian.org
Thu Jul 25 17:02:39 BST 2019



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10d5986a by Moritz Muehlenhoff at 2019-07-25T16:01:22Z
libebml commits

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1338,11 +1338,15 @@ CVE-2019-13616 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.
 	- libsdl1.2 <unfixed>
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4538
 CVE-2019-13615 (VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in ...)
-	- libebml 1.3.6-1 (bug #932241)
+	- libebml 1.3.6-1 (low; bug #932241)
+	[stretch] - libebml <no-dsa> (Minor issue)
 	NOTE: https://trac.videolan.org/vlc/ticket/22474
 	NOTE: Issue was originally reported to vlc project, but the underlying issue is
-	NOTE: found in the libebml library, fixed upstream in 1.3.6. No information on
-	NOTE: details.
+	NOTE: found in the libebml library
+	NOTE: https://github.com/Matroska-Org/libebml/commit/05beb69ba60acce09f73ed491bb76f332849c3a0
+	NOTE: https://github.com/Matroska-Org/libebml/commit/ff0dc3cc21494578ce731f5d7dcde5fdec23d40f
+	NOTE: https://github.com/Matroska-Org/libebml/commit/b66ca475be967547af9a3784e720fbbacd381be6
+	NOTE: https://github.com/Matroska-Org/libebml/commit/534dfdb995edc18e528de8ce9fa20b3df88426ae
 CVE-2019-13614 (CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link ...)
 	NOT-FOR-US: TP-Link
 CVE-2019-13613 (CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wirel ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/10d5986a9aa810cf08e2d57177493c2b5affb68f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/10d5986a9aa810cf08e2d57177493c2b5affb68f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190725/b27d792f/attachment.html>


More information about the debian-security-tracker-commits mailing list