[Git][security-tracker-team/security-tracker][master] libvpx DSA

Thu Nov 28 19:48:43 GMT 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2dc608e5 by Moritz Muehlenhoff at 2019-11-28T19:48:21Z
libvpx DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33120,7 +33120,9 @@ CVE-2019-9373 (In JobStore, there is a mismatched serialization/deserialization
 CVE-2019-9372 (In libskia, there is a possible crash due to a missing null check. Thi ...)
 	- skia <itp> (bug #818180)
 CVE-2019-9371 (In libvpx, there is a possible resource exhaustion due to improper inp ...)
-	- libvpx 1.8.1-2
+	- libvpx 1.8.1-2 (low)
+	[stretch] - libvpx 1.6.1-3+deb9u2
+	[stretch - libvpx <ignored> (Minor issue)
 	[jessie] - libvpx <not-affected> (Vunerable code introduced in 1.4.0)
 	NOTE: Commits in libwebm:
 	NOTE: https://chromium.googlesource.com/webm/libwebm/+/027a472efe49ff3a24be619442d2150658dbaaa0


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[28 Nov 2019] DSA-4578-1 libvpx - security update
+	{CVE-2019-9232 CVE-2019-9325 CVE-2019-9433}
+	[stretch] - libvpx 1.6.1-3+deb9u2
+	[buster] - libvpx 1.7.0-3+deb10u1
 [28 Nov 2019] DSA-4577-1 haproxy - security update
 	{CVE-2019-19330}
 	[buster] - haproxy 1.8.19-1+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2dc608e52ba7e91340b6074f52c7b9e37678e75e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2dc608e52ba7e91340b6074f52c7b9e37678e75e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191128/2c2f5ecd/attachment.html>
