CVE patches for libmad

  • Done
  • quality assurance status badge
Details
2 participants
  • marit
  • Glenn Morris
Owner
unassigned
Submitted by
marit
Severity
important
Merged with
M
M
marit wrote on 3 Aug 2019 14:56
(address . bug-guix@gnu.org)
22bbbfa18093ff3ba1351145a9fe8733.squirrel@giyzk7o6dcunb2ry.onion
Package: libmad
Version: 0.15.1b
Tags: security
Severity: important

Hello!

I think that package "libmad" should be updated to include fixes for the
following vulnerabilities: CVE-2017-8372, CVE-2017-8373, CVE-2017-8374.
This can be done by applying md_size.diff and replacing
libmad-frame-length.patch with length-check.diff (*.diff are from Debian
GNU/Linux).

Best regards!
M
M
marit wrote on 3 Aug 2019 19:46
Merge #36910 and #36909
(address . control@debbugs.gnu.org)
ec6df7c6bd6fbdb86970aeb587ec4b33.squirrel@giyzk7o6dcunb2ry.onion
merge 36909 36910
# #36910 is a duplicate of #36909, submitted by mistake.
G
G
Glenn Morris wrote on 3 Aug 2019 19:47
control message for bug 36910
(address . control@debbugs.gnu.org)
E1hty89-0003mS-E1@fencepost.gnu.org
merge 36909 36910
G
G
Glenn Morris wrote on 3 Aug 2019 19:48
control message for bug 36909
(address . control@debbugs.gnu.org)
E1hty8P-0003mz-1E@fencepost.gnu.org
reassign 36909 guix
?