Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
39ab73f5 by Salvatore Bonaccorso at 2019-02-01T15:53:45Z
Mark CVE-2014-8145/sox as no-dsa
There is after several years no point of issuing a DSA for this only,
as it was mistanely uploaded without having the patches addes to the
debian/patches/series files.
Schedule this update rather trough the next point release to have this
error rectified in the next point release.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -183961,6 +183961,7 @@ CVE-2014-8146 (The resolveImplicitLevels function in
common/ubidi.c in the Unico
CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX)
14.4.1 ...)
{DSA-3112-1 DLA-128-1}
- sox 14.4.2-2 (bug #773720)
+ [stretch] - sox <no-dsa> (Minor issue, will be fixed via point release)
NOTE: The two needed patches were added in 14.4.1-5 but not to the
series file
NOTE: so the patches got not applied during build.
CVE-2014-8144 (Cross-site request forgery (CSRF) vulnerability in doorkeeper
before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39ab73f572149c59e3d2f082d46c088578282bf1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39ab73f572149c59e3d2f082d46c088578282bf1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
