Univention Bugzilla – Full Text Bug Listing |
Summary: | faad2: Multiple issues (4.3) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-4-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) Debian NVD |
Description
Quality Assurance
2019-09-16 09:33:55 CEST
--- mirror/ftp/4.3/unmaintained/4.3-2/source/faad2_2.8.0~cvs20161113-1+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/faad2_2.8.0~cvs20161113-1+deb9u2.dsc @@ -1,3 +1,16 @@ +2.8.0~cvs20161113-1+deb9u2 [Fri, 06 Sep 2019 18:52:19 +0200] Hugo Lefeuvre <hle@debian.org>: + + * Non-maintainer upload by the Security Team. + * CVE-2018-20357, CVE-2018-20359, CVE-2018-20197, CVE-2018-20194, + CVE-2018-19503, CVE-2018-20361: multiple memory corruption vulnerabilities + caused by insufficiently sanitized frequency band borders. + * CVE-2018-20358, CVE-2018-20362, CVE-2018-19504, CVE-2018-20195, + CVE-2018-20198: multiple memory corruption vulnerabilities caused by syntax + element inconsistencies (implicit channel mapping reconfiguration). + * CVE-2019-15296: buffer overflow in faad_resetbits. + * CVE-2018-19502: heap based buffer overfow in excluded_channels + (libfaad/syntax.c) (Closes: #914641). + 2.8.0~cvs20161113-1+deb9u1 [Tue, 01 May 2018 17:49:02 +0200] Markus Koschany <apo@debian.org>: * Non-maintainer upload. <http://10.200.17.11/4.3-4/#9181365568213151111> OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-4] 16de6cb61e Bug #50195: faad2 2.8.0~cvs20161113-1+deb9u2 doc/errata/staging/faad2.yaml | 72 +++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 40 deletions(-) [4.3-4] 00edbc840d Bug #50195: faad2 2.8.0~cvs20161113-1+deb9u2 doc/errata/staging/faad2.yaml | 79 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) |