[Git][security-tracker-team/security-tracker][master] Mark 1.6.2-1 version as fixed version for CVE-2021-34085

Thu May 12 21:17:30 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f19ee1c7 by Salvatore Bonaccorso at 2022-05-12T22:15:56+02:00
Mark 1.6.2-1 version as fixed version for CVE-2021-34085

Rationale: The offended code was removed in 1.6.0 upstream, we had in
the archive though versions up to 1.5.2-r2-6, where the code was then
removed in the 1.6.2-1 upload to unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60836,7 +60836,7 @@ CVE-2021-34087 (In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3
 CVE-2021-34086 (In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D pr ...)
 	NOT-FOR-US: Ultimaker
 CVE-2021-34085 (Read access violation in the III_dequantize_sample function in mpglibD ...)
-	- mp3gain <not-affected> (Vulnerable code not present)
+	- mp3gain 1.6.2-1
 	NOTE: Vulnerable code removed in https://sourceforge.net/p/mp3gain/code/ci/aea83203960fc6d3237b1ae38e8434ec8681b21a/ (v1.6.0)
 	NOTE: https://drive.google.com/drive/folders/1epm65c4_iC0zE5V_leoet4Jyk1Prz2p5?usp=sharing
 CVE-2021-34084



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f19ee1c7136da9817cbf9e4a06b055f56e221ffd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f19ee1c7136da9817cbf9e4a06b055f56e221ffd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220512/238b1985/attachment.htm>
