[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon May 30 20:20:31 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c3bb261 by Moritz Muehlenhoff at 2022-05-30T21:03:10+02:00
buster/bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -456,9 +456,13 @@ CVE-2022-31652
RESERVED
CVE-2022-31651 (In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in ...)
- sox <unfixed>
+ [bullseye] - sox <no-dsa> (Minor issue)
+ [buster] - sox <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/sox/bugs/360/
CVE-2022-31650 (In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwri ...)
- sox <unfixed>
+ [bullseye] - sox <no-dsa> (Minor issue)
+ [buster] - sox <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/sox/bugs/360/
CVE-2022-31649
RESERVED
@@ -58344,6 +58348,8 @@ CVE-2021-36716 (A ReDoS (regular expression denial of service) flaw was found in
NOT-FOR-US: Node is-email
CVE-2021-3643 (A flaw was found in sox 14.4.1. The lsx_adpcm_init function within lib ...)
- sox <unfixed> (bug #1010374)
+ [bullseye] - sox <no-dsa> (Minor issue)
+ [buster] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1980626
NOTE: Triggered by same reproducer as for CVE-2021-23210
NOTE: https://sourceforge.net/p/sox/bugs/351/
@@ -65115,6 +65121,8 @@ CVE-2021-33841 (SGE-PLC1000 device, in its 0.9.2b firmware version, does not han
CVE-2021-23210 [divide by zero in voc.c]
RESERVED
- sox <unfixed> (bug #1010374)
+ [bullseye] - sox <no-dsa> (Minor issue)
+ [buster] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975670
NOTE: https://sourceforge.net/p/sox/bugs/351/
CVE-2021-23172
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c3bb2610282e2e6880db746a40d44a2a47aa86e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c3bb2610282e2e6880db746a40d44a2a47aa86e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220530/f3693660/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list