[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debbugs-tracker] bug#36909: closed (CVE-2017-837{2, 3, 4} patches for l
From: |
GNU bug Tracking System |
Subject: |
[debbugs-tracker] bug#36909: closed (CVE-2017-837{2, 3, 4} patches for libmad from Debian) |
Date: |
Tue, 06 Aug 2019 07:29:03 +0000 |
Your message dated Tue, 06 Aug 2019 03:27:43 -0400
with message-id <address@hidden>
and subject line Re: bug#36909: CVE-2017-837{2,3,4} patches for libmad from
Debian
has caused the debbugs.gnu.org bug report #36909,
regarding CVE-2017-837{2,3,4} patches for libmad from Debian
to be marked as done.
(If you believe you have received this mail in error, please contact
address@hidden.)
--
36909: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=36909
GNU Bug Tracking System
Contact address@hidden with problems
--- Begin Message ---
Subject: |
CVE-2017-837{2,3,4} patches for libmad from Debian |
Date: |
Sat, 3 Aug 2019 05:12:24 -0700 |
User-agent: |
SquirrelMail/1.4.22 |
Package: libmad
Version: 0.15.1b
Tags: security
Severity: important
Hello!
I think that package "libmad" should be updated to include fixes for the
following vulnerabilities:
https://security-tracker.debian.org/tracker/CVE-2017-8372,
https://security-tracker.debian.org/tracker/CVE-2017-8373,
https://security-tracker.debian.org/tracker/CVE-2017-8374.
This can be done by applying md_size.diff from Debian and replacing
libmad-frame-length.patch with length-check.diff from Debian.
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#36909: CVE-2017-837{2,3,4} patches for libmad from Debian |
Date: |
Tue, 06 Aug 2019 03:27:43 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Hi,
address@hidden wrote:
> I think that package "libmad" should be updated to include fixes for the
> following vulnerabilities:
> https://security-tracker.debian.org/tracker/CVE-2017-8372,
> https://security-tracker.debian.org/tracker/CVE-2017-8373,
> https://security-tracker.debian.org/tracker/CVE-2017-8374.
> This can be done by applying md_size.diff from Debian and replacing
> libmad-frame-length.patch with length-check.diff from Debian.
I've applied the updates that you recommended in commit
aac6c53a7bc9a8d22e88a490ebc99ec79d64a05b on our 'master' branch.
Thanks very much for bringing this to our attention.
Best,
Mark
--- End Message ---
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [debbugs-tracker] bug#36909: closed (CVE-2017-837{2, 3, 4} patches for libmad from Debian),
GNU bug Tracking System <=