[Git][security-tracker-team/security-tracker][master] Add two new libsndfile issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 22 07:31:58 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
91b4ee92 by Salvatore Bonaccorso at 2023-07-22T08:31:29+02:00
Add two new libsndfile issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -82844,9 +82844,12 @@ CVE-2022-33067 (Lrzip v0.651 was discovered to contain multiple invalid arithmet
CVE-2022-33066
RESERVED
CVE-2022-33065 (Multiple signed integers overflow in function au_read_header in src/au ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: https://github.com/libsndfile/libsndfile/issues/833
+ NOTE: https://github.com/libsndfile/libsndfile/issues/789
CVE-2022-33064 (An off-by-one error in function wav_read_header in src/wav.c in Libsnd ...)
- TODO: check
+ - libsndfile <unfixed>
+ NOTE: https://github.com/libsndfile/libsndfile/issues/832
CVE-2022-33063
RESERVED
CVE-2022-33062
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b4ee92dc7fc4267a83867aa69117d23bce7f4e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b4ee92dc7fc4267a83867aa69117d23bce7f4e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230722/59855e96/attachment.htm>
More information about the debian-security-tracker-commits
mailing list