[Git][security-tracker-team/security-tracker][master] Opened issue upstream

Enrico Zini (@enrico) Tue, 28 Jun 2022 05:41:07 -0700


Enrico Zini pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
977af45f by Enrico Zini at 2022-06-28T14:40:46+02:00
Opened issue upstream

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -56785,6 +56785,7 @@ CVE-2021-40427
 CVE-2021-40426 (A heap-based buffer overflow vulnerability exists in the 
sphere.c star ...)
        - sox <unfixed> (bug #1012138)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1434
+       NOTE: https://sourceforge.net/p/sox/bugs/362/
 CVE-2021-40425 (An out-of-bounds read vulnerability exists in the IOCTL 
GetProcessComm ...)
        NOT-FOR-US: Webroot
 CVE-2021-40424 (An out-of-bounds read vulnerability exists in the IOCTL 
GetProcessComm ...)


=====================================
data/dla-needed.txt
=====================================
@@ -279,11 +279,12 @@ snapd
   NOTE: 20220308: seems vulnerable at least to setup_private_mount,
   NOTE: 20220308: but double check (pochu)
 --
-sox (enrico)
+sox
   NOTE: 20220529: Programming language: C.
   NOTE: 20220326: CVE-2019-13590 is fixed in git (Anton)
   NOTE: 20220326: https://salsa.debian.org/lts-team/packages/sox
   NOTE: 20220326: fix for CVE-2021-40426 is not yet available (Anton)
+  NOTE: 20220628: opened https://sourceforge.net/p/sox/bugs/362/ to track 
progress upstream (enrico)
 --
 spip
   NOTE: 20220529: Programming language: PHP.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/977af45f0e94bf6764cc480662f44d2a18380c1d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/977af45f0e94bf6764cc480662f44d2a18380c1d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Opened issue upstream

Reply via email to