emacs-bug-tracker
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debbugs-tracker] bug#36909: closed (CVE-2017-837{2, 3, 4} patches for l


From: GNU bug Tracking System
Subject: [debbugs-tracker] bug#36909: closed (CVE-2017-837{2, 3, 4} patches for libmad from Debian)
Date: Tue, 06 Aug 2019 07:29:03 +0000

Your message dated Tue, 06 Aug 2019 03:27:43 -0400
with message-id <address@hidden>
and subject line Re: bug#36909: CVE-2017-837{2,3,4} patches for libmad from 
Debian
has caused the debbugs.gnu.org bug report #36909,
regarding CVE-2017-837{2,3,4} patches for libmad from Debian
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden.)


-- 
36909: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=36909
GNU Bug Tracking System
Contact address@hidden with problems
--- Begin Message --- Subject: CVE-2017-837{2,3,4} patches for libmad from Debian Date: Sat, 3 Aug 2019 05:12:24 -0700 User-agent: SquirrelMail/1.4.22
Package: libmad
Version: 0.15.1b
Tags: security
Severity: important

Hello!
I think that package "libmad" should be updated to include fixes for the
following vulnerabilities:
https://security-tracker.debian.org/tracker/CVE-2017-8372,
https://security-tracker.debian.org/tracker/CVE-2017-8373,
https://security-tracker.debian.org/tracker/CVE-2017-8374.
This can be done by applying md_size.diff from Debian and replacing
libmad-frame-length.patch with length-check.diff from Debian.




--- End Message ---
--- Begin Message --- Subject: Re: bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian Date: Tue, 06 Aug 2019 03:27:43 -0400 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)
Hi,

address@hidden wrote:

> I think that package "libmad" should be updated to include fixes for the
> following vulnerabilities:
> https://security-tracker.debian.org/tracker/CVE-2017-8372,
> https://security-tracker.debian.org/tracker/CVE-2017-8373,
> https://security-tracker.debian.org/tracker/CVE-2017-8374.
> This can be done by applying md_size.diff from Debian and replacing
> libmad-frame-length.patch with length-check.diff from Debian.

I've applied the updates that you recommended in commit
aac6c53a7bc9a8d22e88a490ebc99ec79d64a05b on our 'master' branch.

Thanks very much for bringing this to our attention.

     Best,
      Mark


--- End Message ---

reply via email to

[Prev in Thread] Current Thread [Next in Thread]