Bug 620516 (CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961)

Summary:	[TRACKER] media-libs/game-music-emu: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	GLSAMaker/CVETool Bot <glsamaker>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	Keywords:	Tracker
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---
Bug Depends on:	603092, 618346
Bug Blocks:

Description GLSAMaker/CVETool Bot gentoo-dev

2017-06-03 14:50:05 UTC

CVE-2016-9957 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9957):
  Stack-based buffer overflow in game-music-emu before 0.6.1.

CVE-2016-9958 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9958):
  game-music-emu before 0.6.1 allows remote attackers to write to arbitrary
  memory locations.

CVE-2016-9959 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9959):
  game-music-emu before 0.6.1 allows remote attackers to generate out of
  bounds 8-bit values.

CVE-2016-9960 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9960):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.

CVE-2016-9961 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9961):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.

Comment 1 Aaron Bauman (RETIRED) gentoo-dev

2018-01-21 02:53:37 UTC

All dependent bugs closed.