GNU bug report logs - #36910
CVE patches for libmad

Previous Next

Package: guix;

Reported by: marit <at> secmail.pro

Date: Sat, 3 Aug 2019 15:18:03 UTC

Severity: important

Tags: security

Merged with 36909

Done: Mark H Weaver <mhw <at> netris.org>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: marit <at> secmail.pro
To: bug-guix <at> gnu.org
Subject: CVE patches for libmad
Date: Sat, 3 Aug 2019 05:56:31 -0700

Package: libmad
Version: 0.15.1b
Tags: security
Severity: important

Hello!

I think that package "libmad" should be updated to include fixes for the
following vulnerabilities: CVE-2017-8372, CVE-2017-8373, CVE-2017-8374.
This can be done by applying md_size.diff and replacing
libmad-frame-length.patch with length-check.diff (*.diff are from Debian
GNU/Linux).

Best regards!

This bug report was last modified 5 years and 352 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #36910 CVE patches for libmad

GNU bug report logs - #36910
CVE patches for libmad