[Git][security-tracker-team/security-tracker][master] Add new sox issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 26 21:44:03 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
acabc113 by Salvatore Bonaccorso at 2022-08-26T22:43:44+02:00
Add new sox issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84438,7 +84438,9 @@ CVE-2021-3580 (A flaw was found in the way nettle's RSA decryption functions han
 	NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/485b5e2820a057e873b1ba812fdb39cae4adf98c
 	NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/485b5e2820a057e873b1ba812fdb39cae4adf98c
 CVE-2021-33844 (A floating point exception (divide-by-zero) issue was discovered in So ...)
-	TODO: check
+	- sox <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975664
+	NOTE: https://sourceforge.net/p/sox/bugs/349/
 CVE-2021-33842 (Improper Authentication vulnerability in the cookie parameter of Circu ...)
 	NOT-FOR-US: Circutor SGE-PLC1000 firmware
 CVE-2021-33841 (SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle so ...)
@@ -84451,9 +84453,13 @@ CVE-2021-23210 (A floating point exception (divide-by-zero) issue was discovered
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975670
 	NOTE: https://sourceforge.net/p/sox/bugs/351/
 CVE-2021-23172 (A vulnerability was found in SoX, where a heap-buffer-overflow occurs  ...)
-	TODO: check
+	- sox <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975666
+	NOTE: https://sourceforge.net/p/sox/bugs/350/
 CVE-2021-23159 (A vulnerability was found in SoX, where a heap-buffer-overflow occurs  ...)
-	TODO: check
+	- sox <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975671
+	NOTE: https://sourceforge.net/p/sox/bugs/352/
 CVE-2021-33840 (The server in Luca through 1.1.14 allows remote attackers to cause a d ...)
 	NOT-FOR-US: Luca
 CVE-2021-33839 (Luca through 1.7.4 on Android allows remote attackers to obtain sensit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acabc1134f8f8e61af25685e55cded40aa5610ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acabc1134f8f8e61af25685e55cded40aa5610ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220826/7bbf13b3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list