Author: apo Date: 2017-11-30 21:00:27 +0000 (Thu, 30 Nov 2017) New Revision: 58155
Modified: data/CVE/list Log: Fix wrong "is fixed" version for sox CVE-2017-15372 and CVE-2017-15642 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-30 20:51:27 UTC (rev 58154) +++ data/CVE/list 2017-11-30 21:00:27 UTC (rev 58155) @@ -5562,7 +5562,7 @@ [jessie] - musl <no-dsa> (Minor issue) NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395 CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is ...) - - sox 4.4.2-2 (bug #882144) + - sox 14.4.2-2 (bug #882144) [stretch] - sox <no-dsa> (Minor issue) [jessie] - sox <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/sox/bugs/298/ @@ -6227,7 +6227,7 @@ CVE-2017-15373 (E-Sic 1.0 allows SQL injection via the q parameter to ...) NOT-FOR-US: E-Sic CVE-2017-15372 (There is a stack-based buffer overflow in the ...) - - sox 4.4.2-2 (bug #878808) + - sox 14.4.2-2 (bug #878808) [stretch] - sox <no-dsa> (Minor issue) [jessie] - sox <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits