[Secure-testing-commits] r17769 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Dec 9 20:51:16 UTC 2011
Author: jmm
Date: 2011-12-09 20:51:16 +0000 (Fri, 09 Dec 2011)
New Revision: 17769
Modified:
data/CVE/list
Log:
asterisk bugnum
openssl no-dsa
record libav fixes instead of ffmpeg, since libav is used in Debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-09 20:46:06 UTC (rev 17768)
+++ data/CVE/list 2011-12-09 20:51:16 UTC (rev 17769)
@@ -321,10 +321,10 @@
RESERVED
CVE-2011-4598 [http://downloads.asterisk.org/pub/security/AST-2011-014.html]
RESERVED
- - asterisk <unfixed>
+ - asterisk <unfixed> (bug #651552)
CVE-2011-4597 [http://downloads.asterisk.org/pub/security/AST-2011-013.html]
RESERVED
- - asterisk <unfixed> (unimportant)
+ - asterisk <unfixed> (unimportant; bug #651552)
NOTE: This is mostly a design limitation and has very little impact
CVE-2011-4596
RESERVED
@@ -895,6 +895,7 @@
- ffmpeg <removed>
- ffmpeg-debian <end-of-life>
NOTE: http://www.usenix.org/events/woot11/tech/final_files/Yamaguchi.pdf
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=494cfacdb9ba3f0549e37f76b3a2f86a7aeeac3c
CVE-2011-4363
RESERVED
- libproc-processtable-perl <unfixed> (low; bug #650500)
@@ -934,30 +935,31 @@
CVE-2011-4354 [OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys]
RESERVED
- openssl 0.9.8o-4squeeze3 (bug #650621)
+ [lenny] - openssl <no-dsa> (Minor issue)
CVE-2011-4353 [VP5/VP6 DoS]
RESERVED
- libav <unfixed>
- ffmpeg <removed>
- ffmpeg-debian <end-of-life>
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c693aa6f71b4f539cf9df67ba42f4b1932981687
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=bb4b0ad83b13c3af57675e80163f3f333adef96f
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e0966eb140b3569b3d6b5b5008961944ef229c06
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=67a7ed6
+ NOTE: hhttp://git.libav.org/?p=libav.git;a=commitdiff;h=c76505e
+ NOTE: hhttp://git.libav.org/?p=libav.git;a=commitdiff;h=30c08e2
+ NOTE: hhttp://git.libav.org/?p=libav.git;a=commitdiff;h=7367cbe
+ NOTE: hhttp://git.libav.org/?p=libav.git;a=commitdiff;h=28acce2
CVE-2011-4352 [VP3 integer overflow]
RESERVED
- libav <unfixed>
- ffmpeg <removed>
- ffmpeg-debian <end-of-life>
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=eef5c35b4352ec49ca41f6198bee8a976b1f81e5
+ NOTE: http://article.gmane.org/gmane.comp.video.libav.devel/15182
CVE-2011-4351 [QDM2 buffer overflow]
RESERVED
- libav <unfixed>
- ffmpeg <removed>
- ffmpeg-debian <end-of-life>
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=491eaf35ae1f9b619441314bec33766e31580184
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=291d74a46d32183653db07818c7b3407fd50a288
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7d49f79f1cd47783a963a757a6563b9cac29db62
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=14db3af4f26dad8e6ddf2147e96ccc710952ad4d
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=895d258e9ba065d035dd30dbc622423031f0185c
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=a31ccacb1a9b2abc0e140a812fb0ffca6f7c2591
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=0d93d5c4614fafea74bdac681673f5b32eb49063
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=73472053516f82b7d273a3d42c583f894077a191
CVE-2011-4350
RESERVED
- yaws 1.91-2 (bug #650009)
More information about the Secure-testing-commits
mailing list