[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 as no-dsa

Fri, 11 May 2018 13:33:07 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
03d46807 by Salvatore Bonaccorso at 2018-05-11T22:31:18+02:00
Mark CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1396,12 +1396,16 @@ CVE-2018-10394
        RESERVED
 CVE-2018-10393 (bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a 
...)
        - libvorbis <unfixed> (bug #876780)
+       [stretch] - libvorbis <no-dsa> (Minor issue)
+       [jessie] - libvorbis <no-dsa> (Minor issue)
        [wheezy] - libvorbis <ignored> (Minor issue)
        NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2334
        NOTE: Fixed by: 
https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
        NOTE: Same patch as for CVE-2017-14160
 CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 
does not ...)
        - libvorbis <unfixed> (bug #876780)
+       [stretch] - libvorbis <no-dsa> (Minor issue)
+       [jessie] - libvorbis <no-dsa> (Minor issue)
        [wheezy] - libvorbis <ignored> (Minor issue)
        NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335
        NOTE: Fixed by: 
https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
@@ -39085,8 +39089,8 @@ CVE-2017-14165 (The ReadSUNImage function in 
coders/sun.c in GraphicsMagick 1.3.
        NOTE: https://sourceforge.net/p/graphicsmagick/bugs/442/
 CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org 
libvorbis 1.3.5 ...)
        - libvorbis <unfixed> (bug #876780)
-       [stretch] - libvorbis <postponed> (Minor issue, can be revisited once 
fixed upstream)
-       [jessie] - libvorbis <postponed> (Minor issue, can be revisited once 
fixed upstream)
+       [stretch] - libvorbis <no-dsa> (Minor issue)
+       [jessie] - libvorbis <no-dsa> (Minor issue)
        [wheezy] - libvorbis <postponed> (Minor issue, can be revisited once 
fixed upstream)
        NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/2
        NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03d468072b27a489abe31f50a2450878f236d591

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03d468072b27a489abe31f50a2450878f236d591
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to