Bug#876780: libvorbis: CVE-2017-14160

Moritz Mühlenhoff Wed, 20 Feb 2019 14:30:25 -0800

On Fri, May 11, 2018 at 10:20:42PM +0200, Salvatore Bonaccorso wrote:
> Control: retitle -1 libvorbis: CVE-2017-14160 (+ CVE-2018-10392 
> CVE-2018-10393)
> Control: tags -1 + fixed-upstream
> 
> Hi
> 
> This issue (cf. https://gitlab.xiph.org/xiph/vorbis/issues/2330) was
> adressed upstream by
> https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
> . There are as well CVE-2018-10392 CVE-2018-10393 which are fixed by
> the same fix. MITRE has assigned two additional CVEs possibly due to
> different vector.


Could we still get this in buster, please?

Cheers,
        Moritz

Bug#876780: libvorbis: CVE-2017-14160

Reply via email to