Summary: | <media-libs/aubio-0.4.9: Multiple vulnerabilities (CVE-2018-{1980019801,19802},CVE-2019-{1010222,1010223,1010224}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | proaudio |
Priority: | Normal | Keywords: | CC-ARCHES |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=679184 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=media-libs/aubio-0.4.9
|
Runtime testing required: | --- |
Bug Depends on: | 692344 | ||
Bug Blocks: |
Description
Sam James
2020-03-01 20:40:42 UTC
3) CVE-2019-1010222 Description: "aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash. The component is: filterbank. The attack vector is: pass invalid arguments to new_aubio_filterbank. The fixed version is: after commit eda95c9c22b4f0b466ae94c4708765eaae6e709e." URL: https://www.cvedetails.com/cve/CVE-2019-1010222/ CVE-2019-1010222 CVE ID: CVE-2019-1010222 Summary: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19801. Reason: This candidate is a reservation duplicate of CVE-2018-19801. Notes: All CVE users should reference CVE-2018-19801 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Published: 2019-07-22T18:15:11.000Z -------------------------------------------------------------------------------- State: REJECTED Bugs: CVE-2019-1010223 CVE ID: CVE-2019-1010223 Summary: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19800. Reason: This candidate is a reservation duplicate of CVE-2018-19800. Notes: All CVE users should reference CVE-2018-19800 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Published: 2019-07-22T18:15:11.000Z -------------------------------------------------------------------------------- State: REJECTED Bugs: CVE-2019-1010224 CVE ID: CVE-2019-1010224 Summary: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19802. Reason: This candidate is a reservation duplicate of CVE-2018-19802. Notes: All CVE users should reference CVE-2018-19802 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Published: 2019-07-22T18:15:11.000Z -------------------------------------------------------------------------------- State: REJECTED Bugs: __________________________ Leaving Rejected CVE's so that able to search, but putting in new proper numbers in as well. Masked USE=doc for now for bug 679184. Stabilising... x86 stable ppc64 stable amd64 stable sparc stable Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3fada402b4218b1e0e6e731900d6f889f1939d82 commit 3fada402b4218b1e0e6e731900d6f889f1939d82 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-16 00:29:08 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-16 01:01:34 +0000 media-libs/aubio: security cleanup Bug: https://bugs.gentoo.org/711226 Package-Manager: Portage-2.3.99, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> media-libs/aubio/Manifest | 2 - media-libs/aubio/aubio-0.4.7-r1.ebuild | 123 ----------------------- media-libs/aubio/aubio-0.4.8.ebuild | 124 ------------------------ media-libs/aubio/files/aubio-0.4.8-docdir.patch | 20 ---- 4 files changed, 269 deletions(-) |