CVE patches for libmad

  • Done
  • quality assurance status badge
Details
2 participants
  • marit
  • Glenn Morris
Owner
unassigned
Submitted by
marit
Severity
important
Merged with

Debbugs page

marit wrote 6 years ago
(address . bug-guix@gnu.org)
22bbbfa18093ff3ba1351145a9fe8733.squirrel@giyzk7o6dcunb2ry.onion
Package: libmad
Version: 0.15.1b
Tags: security
Severity: important

Hello!

I think that package "libmad" should be updated to include fixes for the
following vulnerabilities: CVE-2017-8372, CVE-2017-8373, CVE-2017-8374.
This can be done by applying md_size.diff and replacing
libmad-frame-length.patch with length-check.diff (*.diff are from Debian
GNU/Linux).

Best regards!
marit wrote 6 years ago
Merge #36910 and #36909
(address . control@debbugs.gnu.org)
ec6df7c6bd6fbdb86970aeb587ec4b33.squirrel@giyzk7o6dcunb2ry.onion
merge 36909 36910
# #36910 is a duplicate of #36909, submitted by mistake.
Glenn Morris wrote 6 years ago
control message for bug 36910
(address . control@debbugs.gnu.org)
E1hty89-0003mS-E1@fencepost.gnu.org
merge 36909 36910
Glenn Morris wrote 6 years ago
control message for bug 36909
(address . control@debbugs.gnu.org)
E1hty8P-0003mz-1E@fencepost.gnu.org
reassign 36909 guix
?
Your comment

This issue is archived.

To comment on this conversation send an email to 36910@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 36910
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help