Author: carnil Date: 2015-01-21 15:21:48 +0000 (Wed, 21 Jan 2015) New Revision: 31576
Modified: data/CVE/list Log: Add three new vorbis-tools issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-01-21 15:17:17 UTC (rev 31575) +++ data/CVE/list 2015-01-21 15:21:48 UTC (rev 31576) @@ -1,3 +1,16 @@ +CVE-2015-XXXX [Oggenc division by zero issue] + - vorbis-tools <unfixed> + NOTE: https://trac.xiph.org/ticket/2137 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/5 +CVE-2015-XXXX [Oggenc channel integer overflow] + - vorbis-tools <unfixed> + NOTE: https://trac.xiph.org/ticket/2136 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/5 +CVE-2014-XXXX [segfault when trying to encode trivial raw input] + - vorbis-tools <unfixed> + NOTE: https://trac.xiph.org/ticket/2009 + NOTE: Upstream fix: https://trac.xiph.org/changeset/19117 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/21/6 CVE-2015-XXXX [(another) directory traversal via symlinks -- incomplete fix for CVE-2015-1196] - patch <unfixed> (bug #775901) [wheezy] - patch <not-affected> (Not affected by CVE-2015-1196 and no incomplete fix applied) _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
