[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-12839/mpg123 as no-dsa for stretch
Salvatore Bonaccorso
carnil at debian.org
Sat May 11 20:33:30 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8fe69ead by Salvatore Bonaccorso at 2019-05-11T19:32:12Z
Mark CVE-2017-12839/mpg123 as no-dsa for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -98974,6 +98974,7 @@ CVE-2017-12840 (A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ c
NOTE: DESLock+
CVE-2017-12839 (A heap-based buffer over-read in the getbits function in src/libmpg123 ...)
- mpg123 1.25.6-1
+ [stretch] - mpg123 <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/255/
NOTE: https://www.mpg123.de/cgi-bin/scm/mpg123/trunk/src/libmpg123/getbits.h?r1=2024&r2=4323&sortby=date
CVE-2017-12838 (Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe69ead64e09d535c4c2794cda9b2074d1dc675
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe69ead64e09d535c4c2794cda9b2074d1dc675
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190511/462ced6a/attachment.html>
More information about the debian-security-tracker-commits
mailing list