Author: hle Date: 2017-09-07 19:49:24 +0000 (Thu, 07 Sep 2017) New Revision: 55553
Modified: data/CVE/list Log: Add links to upstream bug tracking system for CVE-2017-98{69-72} Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-07 19:01:50 UTC (rev 55552) +++ data/CVE/list 2017-09-07 19:49:24 UTC (rev 55553) @@ -10220,21 +10220,25 @@ [stretch] - lame <no-dsa> (Minor issue) [jessie] - lame <no-dsa> (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/ + NOTE: https://sourceforge.net/p/lame/bugs/482/ CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...) - lame <unfixed> (bug #867725) [stretch] - lame <no-dsa> (Minor issue) [jessie] - lame <no-dsa> (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/ + NOTE: https://sourceforge.net/p/lame/bugs/483/ CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in ...) - lame <unfixed> (bug #867725) [stretch] - lame <no-dsa> (Minor issue) [jessie] - lame <no-dsa> (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/ + NOTE: https://sourceforge.net/p/lame/bugs/481/ CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in ...) - lame <unfixed> (bug #867725) [stretch] - lame <no-dsa> (Minor issue) [jessie] - lame <no-dsa> (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/ + NOTE: https://sourceforge.net/p/lame/bugs/475/ CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...) - mosquitto <unfixed> (bug #865959) [stretch] - mosquitto <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits