Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8136e92a by Chris Lamb at 2022-08-21T09:41:20-07:00
data/dla-needed.txt: Triage flac for buster LTS (CVE-2021-0561)
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -128593,7 +128593,6 @@ CVE-2021-0561 (In append_to_verify_fifo_interleaved_
of stream_encoder.c, there
{DLA-2951-1}
- flac 1.3.4-1 (bug #1006339)
[bullseye] - flac 1.3.3-2+deb11u1
- [buster] - flac <no-dsa> (Minor issue)
NOTE:
https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be
(1.3.4)
NOTE: https://xiph.org/flac/changelog.html#flac_1.3.4
NOTE:
https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f
=====================================
data/dla-needed.txt
=====================================
@@ -36,6 +36,9 @@ exiv2
NOTE: 20220819: Programming language: C++.
NOTE: 20220819:
https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292
does not directly apply, but a very quick glance suggests the earlier code may
be equally vulnerable. (Chris Lamb)
--
+flac
+ NOTE: 20220821: Programming language: C.
+--
jetty9 (Markus Koschany)
NOTE: 20220802: Programming language: Java.
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8136e92a49724b2bb562286d496a61ced974af29
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8136e92a49724b2bb562286d496a61ced974af29
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
