bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian

From:	Mark H Weaver
Subject:	bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian
Date:	Tue, 06 Aug 2019 03:27:43 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)

Hi,

address@hidden wrote:

> I think that package "libmad" should be updated to include fixes for the
> following vulnerabilities:
> https://security-tracker.debian.org/tracker/CVE-2017-8372,
> https://security-tracker.debian.org/tracker/CVE-2017-8373,
> https://security-tracker.debian.org/tracker/CVE-2017-8374.
> This can be done by applying md_size.diff from Debian and replacing
> libmad-frame-length.patch with length-check.diff from Debian.

I've applied the updates that you recommended in commit
aac6c53a7bc9a8d22e88a490ebc99ec79d64a05b on our 'master' branch.

Thanks very much for bringing this to our attention.

     Best,
      Mark

[Prev in Thread]

Current Thread

[Next in Thread]

bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian, Mark H Weaver <=

Prev by Date: bug#36870: was: date bug -- really locale bug or ??
Next by Date: bug#36944: Xfce Panel shortcuts after updates might not work
Previous by thread: bug#36870: was: date bug -- really locale bug or ??
Next by thread: bug#36944: Xfce Panel shortcuts after updates might not work
Index(es):
- Date
- Thread