Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
84d2a655 by Salvatore Bonaccorso at 2020-12-16T06:29:59+01:00
Replace some old code hosting references to new location
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -174839,7 +174839,7 @@ CVE-2018-5146 (An out of bounds memory write while
processing Vorbis audio data
- firefox-esr 52.7.2esr-1
- thunderbird 1:52.7.0-1
- libvorbis 1.3.5-4.2 (bug #893130)
- NOTE:
https://git.xiph.org/?p=vorbis.git;a=commit;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f
+ NOTE:
https://github.com/xiph/vorbis/commit/667ceb4aab60c1f74060143bb24e5f427b3cce5f
(v1.3.6)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
CVE-2018-5145 (Memory safety bugs were reported in Firefox ESR 52.6. These
bugs showe ...)
@@ -221280,7 +221280,7 @@ CVE-2017-6888 (An error in the
"read_metadata_vorbiscomment_()" function (src/li
[jessie] - flac <no-dsa> (Minor issue)
[wheezy] - flac <no-dsa> (Minor issue)
NOTE:
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-7/
- NOTE:
https://git.xiph.org/?p=flac.git;a=commit;h=4f47b63e9c971e6391590caf00a0f2a5ed612e67
(broken link)
+ NOTE:
https://github.com/xiph/flac/commit/4f47b63e9c971e6391590caf00a0f2a5ed612e67
(1.3.3)
NOTE:
https://android.googlesource.com/platform/external/flac/+/4f47b63e9c971e6391590caf00a0f2a5ed612e67
CVE-2017-6887 (A boundary error within the "parse_tiff_ifd()" function
(internal/dcra ...)
{DSA-3950-1 DLA-1057-1}
@@ -239324,7 +239324,7 @@ CVE-2017-0381 (An information disclosure
vulnerability in silk/NLSF_stabilize.c
- opus 1.2~alpha2-1 (bug #851612)
[jessie] - opus <ignored> (Minor issue,
https://bugs.debian.org/851612#10)
NOTE: Fixed by:
https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409
(v1.2-alpha)
- NOTE: https://git.xiph.org/?p=opus.git;a=commitdiff;h=70a3d641b
+ NOTE:
https://github.com/xiph/opus/commit/70a3d641b760b3d313b6025f82aed93a460720e5
CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in
"commands_dump" funct ...)
- bluez <unfixed> (unimportant; bug #847837)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
@@ -297842,8 +297842,8 @@ CVE-2014-9028 (Heap-based buffer overflow in
stream_decoder.c in libFLAC before
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
NOTE: Upstream patches:
- NOTE:
https://git.xiph.org/?p=flac.git;a=commit;h=fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
- NOTE:
https://git.xiph.org/?p=flac.git;a=patch;h=5a365996d739bdf4711af51d9c2c71c8a5e14660
+ NOTE:
https://github.com/xiph/flac/commit/fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
(1.3.1pre1)
+ NOTE:
https://github.com/xiph/flac/commit/5a365996d739bdf4711af51d9c2c71c8a5e14660
(1.3.1)
CVE-2014-9014 (Directory traversal vulnerability in the ajaxinit function in
wpmarket ...)
NOT-FOR-US: WP Marketplace plugin for WordPress
CVE-2014-9013 (The ajaxinit function in wpmarketplace/libs/cart.php in the WP
Marketp ...)
@@ -298732,7 +298732,7 @@ CVE-2014-8963
CVE-2014-8962 (Stack-based buffer overflow in stream_decoder.c in libFLAC
before 1.3. ...)
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
- NOTE:
https://git.xiph.org/?p=flac.git;a=patch;h=5b3033a2b355068c11fe637e14ac742d273f076e
+ NOTE:
https://github.com/xiph/flac/commit/5b3033a2b355068c11fe637e14ac742d273f076e
(1.3.1pre1)
NOTE: http://lists.xiph.org/pipermail/flac-dev/2014-November/005185.html
CVE-2014-8961 (Directory traversal vulnerability in
libraries/error_report.lib.php in ...)
- phpmyadmin 4:4.2.12-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2a6555452528037e1c48d5156bad1dfcf10d6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2a6555452528037e1c48d5156bad1dfcf10d6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
