Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: ac2e0fd3 by Emilio Pozuelo Monfort at 2023-02-01T09:34:06+01:00 Revert "Documented a few fixed CVEs in vorbis-tools for Wheezy." It's already marked as fixed in DLA-1010-1, so there's no need to reference it in CVE/list again. Besides, the syntax is wrong and breaks the tracker. This reverts commit 93b93c5b6bb15ba3ab002b9c5d36c17807b5571d. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -440512,7 +440512,6 @@ CVE-2015-6749 (Buffer overflow in the aiff_open function in oggenc/audio.c in vo {DLA-1010-1 DLA-317-1} - vorbis-tools 1.4.0-7 (bug #797461) [jessie] - vorbis-tools 1.4.0-6+deb8u1 - [wheezy] - vorbis-tools 1.4.0-1+deb7u1 (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2015/08/29/1 NOTE: https://trac.xiph.org/ticket/2212 CVE-2015-6741 @@ -456913,7 +456912,6 @@ CVE-2014-9638 (oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a d {DLA-1010-1 DLA-317-1} - vorbis-tools 1.4.0-7 (unimportant; bug #776086) [jessie] - vorbis-tools 1.4.0-6+deb8u1 - [wheezy] - vorbis-tools 1.4.0-1+deb7u1 - opus-tools 0.1.10-1 (unimportant; bug #780160) NOTE: https://trac.xiph.org/ticket/2137 NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e @@ -456934,7 +456932,6 @@ CVE-2014-9640 (oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to {DLA-1010-1 DLA-317-1} - vorbis-tools 1.4.0-6 (bug #771363) [squeeze] - vorbis-tools <no-dsa> (Minor issue) - [wheezy] - vorbis-tools 1.4.0-1+deb7u1 NOTE: https://trac.xiph.org/ticket/2009 NOTE: Upstream fix: https://trac.xiph.org/changeset/19117 CVE-2014-9649 (Cross-site scripting (XSS) vulnerability in the management plugin in R ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac2e0fd3db02b0b1a8529876ac6c0c70a878dd19 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac2e0fd3db02b0b1a8529876ac6c0c70a878dd19 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits