Author: carnil Date: 2017-11-19 20:02:54 +0000 (Sun, 19 Nov 2017) New Revision: 57837
Modified: data/CVE/list Log: Three CVEs verified to be fixed for sox in experimental Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-19 19:30:34 UTC (rev 57836) +++ data/CVE/list 2017-11-19 20:02:54 UTC (rev 57837) @@ -16099,12 +16099,14 @@ NOTE: https://github.com/ImageMagick/ImageMagick/issues/518 NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30 CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...) + [experimental] - sox 14.4.2-1 - sox <unfixed> (bug #870328) [stretch] - sox <no-dsa> (Minor issue) [jessie] - sox <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Jul/81 NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/ CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...) + [experimental] - sox 14.4.2-1 - sox <unfixed> (bug #870328) [stretch] - sox <no-dsa> (Minor issue) [jessie] - sox <no-dsa> (Minor issue) @@ -16237,6 +16239,7 @@ NOTE: http://seclists.org/fulldisclosure/2017/Jul/82 NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332 CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...) + [experimental] - sox 14.4.2-1 - sox <unfixed> (bug #870328) [stretch] - sox <no-dsa> (Minor issue) [jessie] - sox <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits