[Git][security-tracker-team/security-tracker][master] Replace some old code hosting references to new location

Salvatore Bonaccorso carnil at debian.org
Wed Dec 16 05:30:28 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84d2a655 by Salvatore Bonaccorso at 2020-12-16T06:29:59+01:00
Replace some old code hosting references to new location

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -174839,7 +174839,7 @@ CVE-2018-5146 (An out of bounds memory write while processing Vorbis audio data
 	- firefox-esr 52.7.2esr-1
 	- thunderbird 1:52.7.0-1
 	- libvorbis 1.3.5-4.2 (bug #893130)
-	NOTE: https://git.xiph.org/?p=vorbis.git;a=commit;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f
+	NOTE: https://github.com/xiph/vorbis/commit/667ceb4aab60c1f74060143bb24e5f427b3cce5f (v1.3.6)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
 CVE-2018-5145 (Memory safety bugs were reported in Firefox ESR 52.6. These bugs showe ...)
@@ -221280,7 +221280,7 @@ CVE-2017-6888 (An error in the "read_metadata_vorbiscomment_()" function (src/li
 	[jessie] - flac <no-dsa> (Minor issue)
 	[wheezy] - flac <no-dsa> (Minor issue)
 	NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-7/
-	NOTE: https://git.xiph.org/?p=flac.git;a=commit;h=4f47b63e9c971e6391590caf00a0f2a5ed612e67 (broken link)
+	NOTE: https://github.com/xiph/flac/commit/4f47b63e9c971e6391590caf00a0f2a5ed612e67 (1.3.3)
 	NOTE: https://android.googlesource.com/platform/external/flac/+/4f47b63e9c971e6391590caf00a0f2a5ed612e67
 CVE-2017-6887 (A boundary error within the "parse_tiff_ifd()" function (internal/dcra ...)
 	{DSA-3950-1 DLA-1057-1}
@@ -239324,7 +239324,7 @@ CVE-2017-0381 (An information disclosure vulnerability in silk/NLSF_stabilize.c
 	- opus 1.2~alpha2-1 (bug #851612)
 	[jessie] - opus <ignored> (Minor issue, https://bugs.debian.org/851612#10)
 	NOTE: Fixed by: https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409 (v1.2-alpha)
-	NOTE: https://git.xiph.org/?p=opus.git;a=commitdiff;h=70a3d641b
+	NOTE: https://github.com/xiph/opus/commit/70a3d641b760b3d313b6025f82aed93a460720e5
 CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ...)
 	- bluez <unfixed> (unimportant; bug #847837)
 	NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
@@ -297842,8 +297842,8 @@ CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before
 	{DSA-3082-1 DLA-99-1}
 	- flac 1.3.0-3 (bug #770918)
 	NOTE: Upstream patches:
-	NOTE: https://git.xiph.org/?p=flac.git;a=commit;h=fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
-	NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5a365996d739bdf4711af51d9c2c71c8a5e14660
+	NOTE: https://github.com/xiph/flac/commit/fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 (1.3.1pre1)
+	NOTE: https://github.com/xiph/flac/commit/5a365996d739bdf4711af51d9c2c71c8a5e14660 (1.3.1)
 CVE-2014-9014 (Directory traversal vulnerability in the ajaxinit function in wpmarket ...)
 	NOT-FOR-US: WP Marketplace plugin for WordPress
 CVE-2014-9013 (The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketp ...)
@@ -298732,7 +298732,7 @@ CVE-2014-8963
 CVE-2014-8962 (Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3. ...)
 	{DSA-3082-1 DLA-99-1}
 	- flac 1.3.0-3 (bug #770918)
-	NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5b3033a2b355068c11fe637e14ac742d273f076e
+	NOTE: https://github.com/xiph/flac/commit/5b3033a2b355068c11fe637e14ac742d273f076e (1.3.1pre1)
 	NOTE: http://lists.xiph.org/pipermail/flac-dev/2014-November/005185.html
 CVE-2014-8961 (Directory traversal vulnerability in libraries/error_report.lib.php in ...)
 	- phpmyadmin 4:4.2.12-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2a6555452528037e1c48d5156bad1dfcf10d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2a6555452528037e1c48d5156bad1dfcf10d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201216/52a933ce/attachment.html>

More information about the debian-security-tracker-commits mailing list