Author: carnil
Date: 2017-11-19 20:02:54 +0000 (Sun, 19 Nov 2017)
New Revision: 57837
Modified:
data/CVE/list
Log:
Three CVEs verified to be fixed for sox in experimental
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-19 19:30:34 UTC (rev 57836)
+++ data/CVE/list 2017-11-19 20:02:54 UTC (rev 57837)
@@ -16099,12 +16099,14 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX)
14.4.2 allows ...)
+ [experimental] - sox 14.4.2-1
- sox <unfixed> (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX)
14.4.2 ...)
+ [experimental] - sox 14.4.2-1
- sox <unfixed> (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
@@ -16237,6 +16239,7 @@
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332
CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2
allows ...)
+ [experimental] - sox 14.4.2-1
- sox <unfixed> (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
[jessie] - sox <no-dsa> (Minor issue)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
