[Secure-testing-commits] r17745 - in data: . CVE
Luciano Bello
luciano at alioth.debian.org
Sun Dec 4 12:37:58 UTC 2011
Author: luciano
Date: 2011-12-04 12:37:57 +0000 (Sun, 04 Dec 2011)
New Revision: 17745
Modified:
data/CVE/list
data/embedded-code-copies
Log:
ffmpeg issues (including libav)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-04 11:25:29 UTC (rev 17744)
+++ data/CVE/list 2011-12-04 12:37:57 UTC (rev 17745)
@@ -1,3 +1,12 @@
+CVE-2011-XXXX [FFmpeg Libavcodec memory corruption remote code execution]
+ - libav <unfixed>
+ - mplayer <unfixed>
+ - kino <unfixed>
+ - chromium-browser <unfixed>
+ - ffmpeg <removed>
+ - ffmpeg-debian <end-of-life>
+ NOTE: http://www.openwall.com/lists/oss-security/2011/12/04/1
+ TODO: evaluate severity
CVE-2011-4668 (IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers ...)
TODO: check
CVE-2011-4667
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2011-12-04 11:25:29 UTC (rev 17744)
+++ data/embedded-code-copies 2011-12-04 12:37:57 UTC (rev 17745)
@@ -358,6 +358,7 @@
- avifile 1:0.7.48~20090503.ds-1 (embed; bug #538750)
- audacity 1.3.7-2 (embed; bug #512278)
- chromium-browser <unfixed> (fork)
+ - libav <unfixed>
faad2
- mplayer 1.0~rc2-20 (embed)
More information about the Secure-testing-commits
mailing list