Author: hle
Date: 2017-09-07 19:49:24 +0000 (Thu, 07 Sep 2017)
New Revision: 55553
Modified:
data/CVE/list
Log:
Add links to upstream bug tracking system for CVE-2017-98{69-72}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-07 19:01:50 UTC (rev 55552)
+++ data/CVE/list 2017-09-07 19:49:24 UTC (rev 55553)
@@ -10220,21 +10220,25 @@
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/
+ NOTE: https://sourceforge.net/p/lame/bugs/482/
CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
- lame <unfixed> (bug #867725)
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
+ NOTE: https://sourceforge.net/p/lame/bugs/483/
CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
- lame <unfixed> (bug #867725)
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/
+ NOTE: https://sourceforge.net/p/lame/bugs/481/
CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in ...)
- lame <unfixed> (bug #867725)
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/
+ NOTE: https://sourceforge.net/p/lame/bugs/475/
CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence
file) is ...)
- mosquitto <unfixed> (bug #865959)
[stretch] - mosquitto <no-dsa> (Minor issue)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
