diff options
author | Adrian Bunk <bunk@debian.org> | 2021-09-30 23:13:06 +0300 |
---|---|---|
committer | Adrian Bunk <bunk@debian.org> | 2021-09-30 23:14:23 +0300 |
commit | 0d92c542f63f84d922fd1f89cc5ae7f669c029ab (patch) | |
tree | c9abf7d978b325a03b842bbefcf060a2c7137155 /data | |
parent | 40520f09cb007a151f5a0f3db8e455e78306b020 (diff) |
Reserve DLA-2772-1 for taglib
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 2 |
3 files changed, 3 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index a7fe99137d..95ec3cffbe 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -213536,7 +213536,6 @@ CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function CVE-2018-11439 (The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLi ...) {DLA-1430-1} - taglib 1.11.1+dfsg.1-0.3 (bug #903847) - [stretch] - taglib <no-dsa> (Minor issue) NOTE: PoC: http://seclists.org/fulldisclosure/2018/May/49 NOTE: Upstream issue: https://github.com/taglib/taglib/issues/868 NOTE: Pull request: https://github.com/taglib/taglib/pull/869 @@ -260259,7 +260258,6 @@ CVE-2017-12679 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delc NOT-FOR-US: NexusPHP CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefac ...) - taglib 1.11.1+dfsg.1-0.2 (bug #871511) - [stretch] - taglib <no-dsa> (Minor issue) [jessie] - taglib <not-affected> (Vulnerable code not present) [wheezy] - taglib <not-affected> (Vulnerable code not present) - silverjuke <not-affected> (Vulnerable code not present, based on older taglib version) diff --git a/data/DLA/list b/data/DLA/list index 481a42262f..f3f36e3eea 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[30 Sep 2021] DLA-2772-1 taglib - security update + {CVE-2017-12678 CVE-2018-11439} + [stretch] - taglib 1.11.1+dfsg.1-0.3+deb9u1 [30 Sep 2021] DLA-2771-1 krb5 - security update {CVE-2018-5729 CVE-2018-5730 CVE-2018-20217 CVE-2021-37750} [stretch] - krb5 1.15-1+deb9u3 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index aeaa1e0cdf..b7bded36b7 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -103,7 +103,5 @@ smarty3 squashfs-tools (Thorsten Alteholz) NOTE: 20210926: coordinate with upload to other releases -- -taglib (Adrian Bunk) --- tiff (Utkarsh) -- |