Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 39ab73f5 by Salvatore Bonaccorso at 2019-02-01T15:53:45Z Mark CVE-2014-8145/sox as no-dsa There is after several years no point of issuing a DSA for this only, as it was mistanely uploaded without having the patches addes to the debian/patches/series files. Schedule this update rather trough the next point release to have this error rectified in the next point release. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -183961,6 +183961,7 @@ CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unico CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...) {DSA-3112-1 DLA-128-1} - sox 14.4.2-2 (bug #773720) + [stretch] - sox <no-dsa> (Minor issue, will be fixed via point release) NOTE: The two needed patches were added in 14.4.1-5 but not to the series file NOTE: so the patches got not applied during build. CVE-2014-8144 (Cross-site request forgery (CSRF) vulnerability in doorkeeper before ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/39ab73f572149c59e3d2f082d46c088578282bf1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/39ab73f572149c59e3d2f082d46c088578282bf1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits