Wheezy update of vorbis-tools for CVE-2015-6749

Petter Reinholdtsen pere at hungry.com
Sun Jul 2 22:50:45 UTC 2017 

[Petter Reinholdtsen]
> Thank you.  I'm building and testing in wheezy at the moment, and will
> upload when I am done.  I would be very happy if someone else took the
> bookkeeping.

I'm not quite sure if the CVE tracker should be updated like this for
LTS entries or not.  Perhaps someone who know can update it if that is
the right thing to do?

Index: list
===================================================================
--- list	(revision 53134)
+++ list	(working copy)
@@ -66164,7 +66164,7 @@
 	{DLA-317-1}
 	- vorbis-tools 1.4.0-7 (bug #797461)
 	[jessie] - vorbis-tools 1.4.0-6+deb8u1
-	[wheezy] - vorbis-tools <no-dsa> (Minor issue)
+	[wheezy] - vorbis-tools 1.4.0-1+deb7u1 (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/08/29/1
 	NOTE: https://trac.xiph.org/ticket/2212
 CVE-2015-6741
@@ -82720,6 +82720,7 @@
 	{DLA-317-1}
 	- vorbis-tools 1.4.0-7 (unimportant; bug #776086)
 	[jessie] - vorbis-tools 1.4.0-6+deb8u1
+	[wheezy] - vorbis-tools 1.4.0-1+deb7u1
 	- opus-tools 0.1.10-1 (unimportant; bug #780160)
 	NOTE: https://trac.xiph.org/ticket/2137
 	NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
@@ -82729,7 +82730,7 @@
 	{DLA-317-1}
 	- vorbis-tools 1.4.0-7 (low; bug #776086)
 	[jessie] - vorbis-tools 1.4.0-6+deb8u1
-	[wheezy] - vorbis-tools <no-dsa> (Minor issue)
+	[wheezy] - vorbis-tools 1.4.0-1+deb7u1
 	[squeeze] - vorbis-tools <no-dsa> (Minor issue)
 	- opus-tools 0.1.10-1 (bug #780160)
 	[jessie] - opus-tools <no-dsa> (Minor issue)
@@ -82740,7 +82741,7 @@
 CVE-2014-9640 (oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause ...)
 	{DLA-317-1}
 	- vorbis-tools 1.4.0-6 (bug #771363)
-	[wheezy] - vorbis-tools <no-dsa> (Minor issue)
+	[wheezy] - vorbis-tools 1.4.0-1+deb7u1
 	[squeeze] - vorbis-tools <no-dsa> (Minor issue)
 	NOTE: https://trac.xiph.org/ticket/2009
 	NOTE: Upstream fix: https://trac.xiph.org/changeset/19117
-- 
Happy hacking
Petter Reinholdtsen

More information about the pkg-xiph-maint mailing list