diff options
| author | Stefan Fritsch <sf@sfritsch.de> | 2020-11-07 18:48:51 +0100 |
|---|---|---|
| committer | Stefan Fritsch <sf@sfritsch.de> | 2020-11-07 19:29:33 +0100 |
| commit | 1d0ef18b82ce8ce46da6342db5c162f28ccc1042 (patch) | |
| tree | cd8418e49e93f21d831973f7639ef80dd97f2474 /data/CVE/2017.list | |
| parent | b7f4e2546de1bb680a2d10bae752090d625ac9b3 (diff) | |
Update mp3gain info
mp3gain has been re-introduced into Debian. It no longer embeds
mpg123.
Diffstat (limited to 'data/CVE/2017.list')
| -rw-r--r-- | data/CVE/2017.list | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index cd2d74cd23..0fccf4f7a6 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -13081,31 +13081,33 @@ CVE-2017-14414 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_be CVE-2017-14413 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) d ...) NOT-FOR-US: D-Link CVE-2017-14412 (An invalid memory write was discovered in copy_mp in interface.c in mp ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-invalid-memory-write-in-copy_mp-mpglibdblinterface-c/ CVE-2017-14411 (A stack-based buffer overflow was discovered in copy_mp in interface.c ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-copy_mp-mpglibdblinterface-c/ CVE-2017-14410 (A buffer over-read was discovered in III_i_stereo in layer3.c in mpgli ...) - - mp3gain <removed> + - mp3gain CVE-2018-10776 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_i_stereo-mpglibdbllayer3-c/ CVE-2017-14409 (A buffer overflow was discovered in III_dequantize_sample in layer3.c ...) - - mp3gain <removed> + - mp3gain CVE-2018-10776 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_dequantize_sample-mpglibdbllayer3-c/ CVE-2017-14408 (A stack-based buffer over-read was discovered in dct36 in layer3.c in ...) - - mp3gain <removed> + - mp3gain CVE-2018-10776 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c/ CVE-2017-14407 (A stack-based buffer over-read was discovered in filterYule in gain_an ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-filteryule-gain_analysis-c/ + NOTE: Not reproducible with 1.6.2. + NOTE: Caught by ASAN according to CVE. mp3gain is compiled with ASAN on: amd64 i386 armel armhf powerpc CVE-2017-14406 (A NULL pointer dereference was discovered in sync_buffer in interface. ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-null-pointer-dereference-in-sync_buffer-mpglibdblinterface-c/ CVE-2017-14405 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote comma ...) @@ -17113,11 +17115,11 @@ CVE-2017-12914 CVE-2017-12913 RESERVED CVE-2017-12912 (The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU CVE-2017-12911 (The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which resu ...) - - mp3gain <removed> + - mp3gain 1.6.2-1 [wheezy] - mp3gain <end-of-life> NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU CVE-2017-12910 (SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows rem ...) |