Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8fe69ead by Salvatore Bonaccorso at 2019-05-11T19:32:12Z
Mark CVE-2017-12839/mpg123 as no-dsa for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -98974,6 +98974,7 @@ CVE-2017-12840 (A kernel driver, namely DLMFENC.sys,
bundled with the DESLock+ c
NOTE: DESLock+
CVE-2017-12839 (A heap-based buffer over-read in the getbits function in
src/libmpg123 ...)
- mpg123 1.25.6-1
+ [stretch] - mpg123 <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/255/
NOTE:
https://www.mpg123.de/cgi-bin/scm/mpg123/trunk/src/libmpg123/getbits.h?r1=2024&r2=4323&sortby=date
CVE-2017-12838 (Cross-site request forgery (CSRF) vulnerability in NexusPHP
1.5 allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe69ead64e09d535c4c2794cda9b2074d1dc675
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe69ead64e09d535c4c2794cda9b2074d1dc675
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
