[Secure-testing-commits] r10342 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sat Nov 8 09:09:47 UTC 2008 

Author: white
Date: 2008-11-08 09:09:46 +0000 (Sat, 08 Nov 2008)
New Revision: 10342

Modified:
   data/CVE/list
Log:
kino uses ffmpeg in lenny; doesn't ship ffmpeg in etch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-08 08:58:09 UTC (rev 10341)
+++ data/CVE/list	2008-11-08 09:09:46 UTC (rev 10342)
@@ -183,23 +183,31 @@
 	NOTE: changing this should ensure on its own that the mode is secure
 CVE-2008-4869 (FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers ...)
 	- ffmpeg-debian <unfixed> (bug #504977)
+	- kino 1.0.0-1
+	[etch] - kino <not-affected> (Does not ship ffmpeg)
 	TODO: check other code copies
 CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...)
 	- ffmpeg-debian <not-affected> (Vulnerable code not present)
 	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- mplayer 1.0~rc2-14
 	[etch] - mplayer <not-affected> (Vulnerable code not present)
+	- kino 1.0.0-1
+	[etch] - kino <not-affected> (Does not ship ffmpeg)
 	TODO: check other code copies
 CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...)
 	- ffmpeg-debian 0.svn20080206-14 (bug #504977)
+	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- mplayer 1.0~rc2-14
-	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
 	[etch] - mplayer <not-affected> (Vulnerable code not present)
+	- kino 1.0.0-1
+	[etch] - kino <not-affected> (Does not ship ffmpeg)
 	TODO: check other code copies
 CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...)
 	- ffmpeg-debian 0.svn20080206-14 (bug #504977)
+	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- mplayer 1.0~rc2-14
-	[etch] - ffmpeg <not-affected> (Vulnerable code not present)
+	- kino 1.0.0-1
+	[etch] - kino <not-affected> (Does not ship ffmpeg)
 	TODO: check other code copies
 CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...)
 	TODO: check

More information about the Secure-testing-commits mailing list