Source: dav1d
Version: 1.3.0-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for dav1d.
CVE-2024-1580[0]:
| An integer overflow in dav1d AV1 decoder that can occur when
| decoding videos with large
Source: libde265
Source-Version: 1.0.15-1
On Wed, Dec 27, 2023 at 06:19:05AM +, Debian FTP Masters wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Format: 1.8
> Date: Thu, 21 Dec 2023 09:29:24 +0100
> Source: libde265
> Architecture: source
> Version: 1.0.15-1
> Distribution: u
Source: libde265
Version: 1.0.12-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/strukturag/libde265/issues/426
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for libde265.
CVE-2023-47471[0]:
| Buffer Overflow vuln
Hi Sebastian,
On Fri, Sep 29, 2023 at 04:00:17PM +0200, Sebastian Ramacher wrote:
> On 2023-09-28 23:14:20 +0200, Salvatore Bonaccorso wrote:
> > X-Debbugs-CC: Sebastian Ramacher
> >
> > Control: tags 1053182 + patch
> > Control: tags 1053182 + pending
&g
pload.
+ * encode_api_test: add ConfigResizeChangeThreadCount
+ * VP8: disallow thread count changes (CVE-2023-5217) (Closes: #1053182)
+
+ -- Salvatore Bonaccorso Thu, 28 Sep 2023 23:07:11 +0200
+
libvpx (1.12.0-1) unstable; urgency=medium
* Team upload
diff -Nru libvpx-1.12.0/debian/patches
Source: libvpx
Version: 1.12.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for libvpx.
CVE-2023-5217[0]:
| Heap buffer overflow in vp8 encoding in libvpx in Google
Source: faad2
Version: 2.10.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/knik0/faad2/issues/173
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for faad2.
CVE-2023-38858[0]:
| Buffer Overflow vulnerability infa
Source: faad2
Version: 2.10.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/knik0/faad2/issues/171
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for faad2.
CVE-2023-38857[0]:
| Buffer Overflow vulnerability infa
Source: libheif
Source-Version: 1.16.2-1
This fixes as well CVE-2023-29659, #1035607, closing it manually.
- Forwarded message from Debian FTP Masters
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 20 Jun 2023 11:37:08 +0200
Binary: heif-gdk-pixbuf heif-gdk-p
Control: reopen -1
Hi
Looking at the upstream tag v2.2.1 thos echanges are not yet included.
Can you double check please as well? For instance
https://github.com/gpac/gpac/commit/ba59206b3225f0e8e95a27eff41cb1c49ddf9a3
for CVE-2023-2840 still applies.
Regards,
Salvatore
Control: reopen -1
Hi Reinhard,
I'm unsure on this one, can you elaborate where CVE-2023-0841 has been
fixed with the 2.2.1 upstream version? This was particularly confusing
as the only reference given for the CVE is as Moritz mentioned,
https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp
Source: libde265
Source-Version: 1.0.12-1
- Forwarded message from Debian FTP Masters
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 20 Jun 2023 09:10:00 +0200
Source: libde265
Architecture: source
Version: 1.0.12-1
Distribution: unstable
Urgency: medium
Maint
Source: libheif
Version: 1.15.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/strukturag/libheif/issues/794
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for libheif.
CVE-2023-29659[0]:
| A Segmentation fault ca
Hi Helmut,
On Tue, Mar 14, 2023 at 11:43:28AM +0100, Helmut Grohne wrote:
> Hi Salvatore,
>
> On Tue, Mar 14, 2023 at 08:43:34AM +0100, Salvatore Bonaccorso wrote:
> > Many thanks, Helmut. Unless I'm mistaken this will require a manual
> > unblock as well to enter bookw
Hi Helmut,
On Sun, Mar 12, 2023 at 12:23:57AM +0100, Helmut Grohne wrote:
[...]
> > Is there a minimal testcase available allowed to share on the bug or a
> > way to construct one?
>
> The clues provided are already good. For compressed codecs such as GSM,
> there is no reasonable wBitsPerSample
Hi,
On Mon, Feb 27, 2023 at 05:02:29PM +, Vidicode Support wrote:
> Package: sox
> Version: 14.4.2+git20190427-2+deb11u1
> Severity: normal
> X-Debbugs-Cc: t...@security.debian.org
>
> Dear Maintainer,
>
> We encounter an error that occurs after upgrading to
> 14.4.2+git20190427-2+deb11u1,
Source: kodi
Version: 2:20.0+dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/xbmc/xbmc/issues/22377
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for kodi.
CVE-2023-23082[0]:
| A heap buffer overflow vulnerab
Hi Tobi,
On Sat, Jan 21, 2023 at 06:21:19PM +0100, Tobias Frost wrote:
> On Fri, 04 Feb 2022 13:14:48 +0100 Moritz Muehlenhoff wrote:
> > Source: libde265
> > Version: 1.0.8-1
> > Severity: grave
> > Tags: security
> > X-Debbugs-Cc: Debian Security Team
> >
> > CVE-2020-21602:
> > https://githu
Source: davs2
Version: 1.6-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/pkuvcl/davs2/issues/29
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for davs2.
CVE-2022-36647[0]:
| PKUVCL davs2 v1.6.205 was discovered
Source: sox
Version: 14.4.2+git20190427-3
Severity: important
Tags: security upstream
Forwarded: https://sourceforge.net/p/sox/bugs/351/
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for sox.
CVE-2021-3643[0]:
| buffer overflow read vulne
Source: audiofile
Version: 0.3.6-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/mpruett/audiofile/issues/60
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for audiofile.
CVE-2022-24599[0]:
| In autofile Audio File
Source: gpac
Version: 2.0.0+dfsg1-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/2138
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for gpac.
CVE-2022-26967[0]:
| GPAC 2.0 allows a heap-based buf
Source: flac
Version: 1.3.3-2
Severity: important
Tags: security upstream fixed-upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for flac.
CVE-2021-0561[0]:
| In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a
| poss
Hi Vasyl,
On Wed, Nov 03, 2021 at 10:05:01PM +, Vasyl Gello wrote:
> Control: fixed -1 2:19.3+dfsg1-1
> Control: found -1 2:19.1+dfsg2-2~bpo10+1-1
>
> Hi Salvatore!
>
> This bug was fixed in 19.3 upstream, and the sid/bookworm version is not
> vulnerable.
Yes you are right, that was an err
Source: kodi
Version: 2:19.3+dfsg1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/xbmc/xbmc/issues/20305
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for kodi.
CVE-2021-42917[0]:
| Buffer overflow vulnerability
Hi,
On Thu, Sep 09, 2021 at 09:07:59AM +0100, Neil Williams wrote:
> Source: gpac
> Version: 1.0.1+dfsg1-5
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: codeh...@debian.org, Debian Security Team
>
>
> A security vulnerability exists in gpac at version 1.0.1+dfsg1-5.
> (Vulnera
Source: gpac
Version: 1.0.1+dfsg1-4
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1842
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for gpac.
CVE-2021-36584[0]:
| An issue was discovered in GPAC
(CVE-2021-3570)
+(Closes: #990748)
+ * tc: Fix length of follow-up message of one-step sync (CVE-2021-3571)
+(Closes: #990749)
+
+ -- Salvatore Bonaccorso Tue, 06 Jul 2021 20:16:00 +0200
+
linuxptp (3.1-2) unstable; urgency=medium
[ Punit Agrawal ]
diff -Nru linuxptp-3.1/debian/pa
of one-step sync (CVE-2021-3571)
+(Closes: #990749)
+
+ -- Salvatore Bonaccorso Tue, 06 Jul 2021 20:16:00 +0200
+
linuxptp (3.1-2) unstable; urgency=medium
[ Punit Agrawal ]
diff -Nru
linuxptp-3.1/debian/patches/Validate-the-messageLength-field-of-incoming-message.patch
linuxptp-3.1
Source: linuxptp
Version: 3.1-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for linuxptp.
CVE-2021-3571[0]:
| linuxptp: wrong length of one-step follow-up in transparent clock
If you fix the vulnera
Source: linuxptp
Version: 3.1-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 1.9.2-1
Hi,
The following vulnerability was published for linuxptp.
CVE-2021-3570[0]:
| linuxptp: missing length check of forwarded messages
If you fi
Control: retitle -1 gpac: CVE-2020-35979 CVE-2020-35980 CVE-2020-35981
CVE-2020-35982
On Thu, Apr 22, 2021 at 07:51:50PM +0200, Salvatore Bonaccorso wrote:
> Source: gpac
> Version: 1.0.1+dfsg1-3
> Severity: grave
> Tags: security upstream
> Justification: user security hole
>
Source: gpac
Version: 1.0.1+dfsg1-3
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for gpac. Unfortunately
another round of CVEs. I'm not sure if you would actually l
Source: gpac
Version: 1.0.1+dfsg1-3
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for gpac, filling a
seprate bug for this set of new CVEs araised yesterday.
CVE-20
Hi,
On Tue, Apr 20, 2021 at 08:55:13PM +0200, Moritz Muehlenhoff wrote:
> Package: gpac
> Version: 1.0.1+dfsg1-3
> Severity: grave
> Tags: security
> X-Debbugs-Cc: Debian Security Team
>
> CVE-2021-31262
> https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
> https://git
Source: fluidsynth
Version: 2.1.7-1
Severity: grave
Tags: security upstream
Forwarded: https://github.com/FluidSynth/fluidsynth/issues/808
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for fluidsynth, filling it
as grave to be on safe side be
Source: gpac
Version: 1.0.1+dfsg1-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1702
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-5
Hi,
The following vulnerability was published for gpac.
CVE-2021
Source: libebml
Version: 1.4.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/Matroska-Org/libebml/issues/74
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for libebml.
CVE-2021-3405[0].
If you fix the vulnerabil
Source: ffmpeg
Version: 7:4.3.1-5
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for ffmpeg.
CVE-2020-35964[0]:
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-
| bounds write
Source: ffmpeg
Version: 7:4.3.1-5
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for ffmpeg.
CVE-2020-35965[0]:
| decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds
| write becaus
Source: wavpack
Version: 5.3.0-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/dbry/WavPack/issues/91
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for wavpack.
CVE-2020-35738[0]:
| WavPack 5.3.0 has an out-of-bou
Source: flac
Version: 1.3.3-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for flac.
CVE-2020-0499[0]:
| In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a
| possible out of boun
Source: audacity
Version: 2.4.2~dfsg0-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for audacity.
CVE-2020-11867[0]:
| Audacity through 2.3.3 saves temporary files to
| /var/tmp/audacity-$USER by
Source: milkytracker
Version: 1.02.00+dfsg-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: Debian Security Team
Control: found -1 1.02.00+dfsg-1
Hi,
The following vulnerability was published for milkytracker.
CVE-2020-15569[0]:
| PlayerGeneric.cpp in MilkyTracker through 1.02.00 has
Source: xawtv
Version: 3.106-1
Severity: grave
Tags: security upstream
Hi,
The following vulnerability was published for xawtv.
CVE-2020-13696[0]:
| v4l-conf setuid-root program allows file existence tests and open(...,
| O_RDRW) on arbitrary files
If you fix the vulnerability please also make
Hi,
On Sun, Jul 14, 2019 at 10:16:46PM +0200, Salvatore Bonaccorso wrote:
> Source: sox
> Version: 14.4.2+git20190427-1
> Severity: important
> Tags: security upstream
> Forwarded: https://sourceforge.net/p/sox/bugs/325/
>
> Hi,
>
> The following vulnerability was
Source: libmysofa
Version: 0.9.1~dfsg0-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/hoene/libmysofa/issues/96
Hi,
The following vulnerability was published for libmysofa.
CVE-2020-6860[0]:
| libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in
| hdf/
Source: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-5
Severity: important
Tags: security upstream
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3
Hi,
The following vulnerabilities were published for gpac.
CVE-2018-21015[0]:
| AVC_DuplicateConfig() at i
Source: gpac
Version: 0.7.1+dfsg1-3
Severity: normal
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1183
Hi,
The following vulnerability was published for gpac. The issue does not
affeect unstable (please double check though). Filling the bug mainly
for tracking, the versi
Source: libmysofa
Version: 0.7~dfsg0-1
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
The following vulnerabilities were published for libmysofa.
CVE-2019-16091[0]:
| Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in
| hdf/fractalhead.c.
CVE-
Source: milkytracker
Version: 1.02.00+dfsg-1
Severity: important
Tags: security upstream
Hi,
The following vulnerabilities were published for milkytracker.
CVE-2019-14464[0]:
| XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a
| heap-based buffer overflow.
CVE-2019-14496[1]
hi Sebastian,
On Tue, Jul 23, 2019 at 09:24:29PM +0200, Sebastian Ramacher wrote:
> Hi Salvatore
>
> On 2019-07-16 22:36:50, Salvatore Bonaccorso wrote:
> > Source: vlc
> > Version: 3.0.7.1-2
> > Severity: important
> > Tags: security upstream
> > Forwarde
Source: ffmpeg
Version: 7:4.1.3-1
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for ffmpeg, just filling a
repsective 'tracking bug'. TTBOMK so far I have not seen a reference
to fixed version/commits.
CVE-2019-13390[0]:
| In FFmpeg 4.1.3, there is a d
Source: ffmpeg
Version: 7:4.1.3-1
Severity: important
Tags: security upstream fixed-upstream
Hi,
The following vulnerability was published for ffmpeg, it is fixed in
the 4.4.1 release (and was previously fixed already in 3.2 series and
thus was already included in DSA-4449-1).
CVE-2019-12730[0]:
Source: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1250
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3
Hi,
The following vulnerability was published for gpac.
Source: vlc
Version: 3.0.7.1-2
Severity: important
Tags: security upstream
Forwarded: https://trac.videolan.org/vlc/ticket/22474
Control: found -1 3.0.7.1-1
Control: found -1 3.0.7-1
Control: found -1 3.0.7-0+deb9u1
Hi,
The following vulnerability was published for vlc, sorry another one.
For bus
Source: vlc
Version: 3.0.7.1-1
Severity: important
Tags: security upstream
Control: found -1 3.0.7-1
Control: found -1 3.0.7-0+deb9u1
Hi,
The following vulnerability was published for vlc.
CVE-2019-13602[0]:
| An Integer Underflow in MP4_EIA608_Convert() in
| modules/demux/mp4/mp4.c in VideoLAN
Source: sox
Version: 14.4.2+git20190427-1
Severity: important
Tags: security upstream
Forwarded: https://sourceforge.net/p/sox/bugs/325/
Hi,
The following vulnerability was published for sox.
CVE-2019-13590[0]:
| An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h
| (startread functi
Source: wavpack
Version: 5.1.0-6
Severity: important
Tags: security upstream
Forwarded: https://github.com/dbry/WavPack/issues/68
Hi,
The following vulnerability was published for wavpack.
CVE-2019-1010319[0]:
| WavPack 5.1.0 and earlier is affected by: CWE-457: Use of
| Uninitialized Variable.
Source: wavpack
Version: 5.1.0-6
Severity: important
Tags: security upstream
Forwarded: https://github.com/dbry/WavPack/issues/66
Hi,
The following vulnerability was published for wavpack.
CVE-2019-1010317[0]:
| WavPack 5.1.0 and earlier is affected by: CWE-457: Use of
| Uninitialized Variable.
Source: audiofile
Version: 0.3.6-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/mpruett/audiofile/issues/54
Control: found -1 0.3.6-5
Control: found -1 0.3.6-4
Control: found -1 0.3.6-4+deb9u1
Hi,
The following vulnerability was published for audiofile.
CVE-2019-1314
Source: vlc
Version: 3.0.6-1
Severity: grave
Tags: security upstream
Justification: user security hole
Control: fixed -1 3.0.7-1
Control: found -1 3.0.6-0+deb9u1
Hi
Given there are no CVEs for the repsective issues (so far) add a
single tracking bug in the BTS to get a reference, fixed already in
Source: wavpack
Version: 5.1.0-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/dbry/WavPack/issues/67
Hi,
The following vulnerability was published for wavpack.
CVE-2019-11498[0]:
| WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack
| through 5.1.0 h
Source: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-4.1
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1203
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3
Hi,
The following vulnerability was published for gpa
Source: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-4.1
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for gpac.
CVE-2019-11222[0]:
| gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer
| overflow issue for the crypt feature when encountering a
|
Source: libsndfile
Version: 1.0.28-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/erikd/libsndfile/issues/456
Hi,
The following vulnerability was published for libsndfile.
CVE-2019-3832[0]:
incomplete fix for CVE-2018-19758
If you fix the vulnerability please also m
Hi,
On Sun, Jan 20, 2019 at 03:22:31PM +0100, Sebastian Ramacher wrote:
> On 2019-01-19 22:36:05, Salvatore Bonaccorso wrote:
> > Hey!
> >
> > On Thu, Jan 17, 2019 at 12:00:13AM +0100, Sebastian Ramacher wrote:
> > > Control: found -1 2016.11.28-1
> > >
Hi Sebastian,
On Sun, Jan 20, 2019 at 03:01:48PM +0100, Sebastian Ramacher wrote:
> Hi
>
> On 2019-01-19 21:30:04, Debian Bug Tracking System wrote:
> > Processing commands for cont...@bugs.debian.org:
> >
> > > tags 919529 + upstream
> > Bug #919529 {Done: Sebastian Ramacher }
> > [src:liblive
Hey!
On Thu, Jan 17, 2019 at 12:00:13AM +0100, Sebastian Ramacher wrote:
> Control: found -1 2016.11.28-1
>
> On 2019-01-16 23:19:45, Moritz Muehlenhoff wrote:
> > Source: liblivemedia
> > Severity: grave
> > Tags: security
> >
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201
Source: faac
Version: 1.29.9.2-2
Severity: important
Tags: security upstream
Hi,
The following vulnerabilities were published for faac.
CVE-2018-19886[0]:
| An invalid memory address dereference was discovered in the huffcode
| function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC)
|
Source: vlc
Version: 3.0.4-3
Severity: important
Tags: patch security upstream
Hi,
The following vulnerability was published for vlc.
CVE-2018-19857[0]:
| The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player
| 3.0.4 may read memory from an uninitialized pointer when processing
| m
Source: wavpack
Version: 5.1.0-4
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/dbry/WavPack/issues/53
Control: found -1 5.0.0-1
Control: found -1 5.0.0-2+deb9u2
Hi,
The following vulnerability was published for wavpack.
CVE-2018-19840[0]:
| The function WavpackP
Source: wavpack
Version: 5.1.0-4
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/dbry/WavPack/issues/54
Control: found -1 5.0.0-1
Control: found -1 5.0.0-2+deb9u2
Hi,
The following vulnerability was published for wavpack.
CVE-2018-19841[0]:
| The function WavpackV
73 matches
Mail list logo
