CVE patches for libmad

  • Done
  • quality assurance status badge
Details
2 participants
  • marit
  • Glenn Morris
Owner
unassigned
Submitted by
marit
Severity
important
Merged with

Debbugs page

M
M
marit wrote on 3 Aug 2019 05:56
(address . bug-guix@gnu.org)
22bbbfa18093ff3ba1351145a9fe8733.squirrel@giyzk7o6dcunb2ry.onion
Package: libmad
Version: 0.15.1b
Tags: security
Severity: important

Hello!

I think that package "libmad" should be updated to include fixes for the
following vulnerabilities: CVE-2017-8372, CVE-2017-8373, CVE-2017-8374.
This can be done by applying md_size.diff and replacing
libmad-frame-length.patch with length-check.diff (*.diff are from Debian
GNU/Linux).

Best regards!
M
M
marit wrote on 3 Aug 2019 10:46
Merge #36910 and #36909
(address . control@debbugs.gnu.org)
ec6df7c6bd6fbdb86970aeb587ec4b33.squirrel@giyzk7o6dcunb2ry.onion
merge 36909 36910
# #36910 is a duplicate of #36909, submitted by mistake.
G
G
Glenn Morris wrote on 3 Aug 2019 10:47
control message for bug 36910
(address . control@debbugs.gnu.org)
E1hty89-0003mS-E1@fencepost.gnu.org
merge 36909 36910
G
G
Glenn Morris wrote on 3 Aug 2019 10:48
control message for bug 36909
(address . control@debbugs.gnu.org)
E1hty8P-0003mz-1E@fencepost.gnu.org
reassign 36909 guix
?
Your comment

This issue is archived.

To comment on this conversation send an email to 36910@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 36910
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch