[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage flac for buster LTS (CVE-2021-0561)
Chris Lamb (@lamby)
lamby at debian.org
Sun Aug 21 17:41:34 BST 2022
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8136e92a by Chris Lamb at 2022-08-21T09:41:20-07:00
data/dla-needed.txt: Triage flac for buster LTS (CVE-2021-0561)
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -128593,7 +128593,6 @@ CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c, there
{DLA-2951-1}
- flac 1.3.4-1 (bug #1006339)
[bullseye] - flac 1.3.3-2+deb11u1
- [buster] - flac <no-dsa> (Minor issue)
NOTE: https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be (1.3.4)
NOTE: https://xiph.org/flac/changelog.html#flac_1.3.4
NOTE: https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f
=====================================
data/dla-needed.txt
=====================================
@@ -36,6 +36,9 @@ exiv2
NOTE: 20220819: Programming language: C++.
NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb)
--
+flac
+ NOTE: 20220821: Programming language: C.
+--
jetty9 (Markus Koschany)
NOTE: 20220802: Programming language: Java.
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8136e92a49724b2bb562286d496a61ced974af29
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8136e92a49724b2bb562286d496a61ced974af29
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220821/1d872256/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list