[Secure-testing-commits] r10344 - data/CVE

[white at alioth.debian.org]

Author: white
Date: 2008-11-08 09:20:21 +0000 (Sat, 08 Nov 2008)
New Revision: 10344

Modified:
   data/CVE/list
Log:
gstreamer0.10-ffmpeg in lenny uses ffmpeg; one issue potentially affects etch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-08 09:14:13 UTC (rev 10343)
+++ data/CVE/list	2008-11-08 09:20:21 UTC (rev 10344)
@@ -185,6 +185,7 @@
 	- ffmpeg-debian <unfixed> (bug #504977)
 	- kino 1.0.0-1
 	[etch] - kino <not-affected> (Does not ship ffmpeg)
+	- gstreamer0.10-ffmpeg 0.10.3-2
 	TODO: check other code copies
 CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...)
 	- ffmpeg-debian <not-affected> (Vulnerable code not present)
@@ -193,6 +194,8 @@
 	[etch] - mplayer <not-affected> (Vulnerable code not present)
 	- kino 1.0.0-1
 	[etch] - kino <not-affected> (Does not ship ffmpeg)
+	- gstreamer0.10-ffmpeg 0.10.3-2
+	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 	TODO: check other code copies
 CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...)
 	- ffmpeg-debian 0.svn20080206-14 (bug #504977)
@@ -201,6 +204,8 @@
 	[etch] - mplayer <not-affected> (Vulnerable code not present)
 	- kino 1.0.0-1
 	[etch] - kino <not-affected> (Does not ship ffmpeg)
+	- gstreamer0.10-ffmpeg 0.10.3-2
+	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 	TODO: check other code copies
 CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...)
 	- ffmpeg-debian 0.svn20080206-14 (bug #504977)
@@ -208,6 +213,8 @@
 	- mplayer 1.0~rc2-14
 	- kino 1.0.0-1
 	[etch] - kino <not-affected> (Does not ship ffmpeg)
+	- gstreamer0.10-ffmpeg 0.10.3-2
+	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 	TODO: check other code copies
 CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...)
 	TODO: check