[Secure-testing-commits] r17878 - data/CVE

Tue Dec 27 14:34:06 UTC 2011

Author: jmm
Date: 2011-12-27 14:34:06 +0000 (Tue, 27 Dec 2011)
New Revision: 17878

Modified:
   data/CVE/list
Log:
krb5 fixed
libav fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-12-26 21:14:17 UTC (rev 17877)
+++ data/CVE/list	2011-12-27 14:34:06 UTC (rev 17878)
@@ -1306,7 +1306,7 @@
 	RESERVED
 CVE-2011-4579 [SVQ1 issue]
 	RESERVED
-	- libav <unfixed>
+	- libav 4:0.7.3-1
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4931c8f0f10bf8dedcf626104a6b85bfefadc6f2
@@ -1837,7 +1837,7 @@
 	NOTE: duplicate of CVE-2011-4090
 CVE-2011-4364 [vmd_decode buffer overflow]
 	RESERVED
-	- libav <unfixed>
+	- libav 4:0.7.3-1
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 	NOTE: http://www.usenix.org/events/woot11/tech/final_files/Yamaguchi.pdf
@@ -1886,7 +1886,7 @@
 	[lenny] - openssl <no-dsa> (Minor issue)
 CVE-2011-4353 [VP5/VP6 DoS]
 	RESERVED
-	- libav <unfixed>
+	- libav 4:0.7.3-1
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 	NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=67a7ed6
@@ -1896,13 +1896,13 @@
 	NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=28acce2
 CVE-2011-4352 [VP3 integer overflow]
 	RESERVED
-	- libav <unfixed>
+	- libav 4:0.7.3-1
 	- ffmpeg <not-affected> (Was introduced in 0.6)
 	- ffmpeg-debian <not-affected> (Was introduced in 0.6)
 	NOTE: http://article.gmane.org/gmane.comp.video.libav.devel/15182
 CVE-2011-4351 [QDM2 buffer overflow]
 	RESERVED
-	- libav <unfixed>
+	- libav 4:0.7.3-1
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 	NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=a31ccacb1a9b2abc0e140a812fb0ffca6f7c2591
@@ -10048,7 +10048,7 @@
 CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the HP ...)
 	NOT-FOR-US: HP Photosmart
 CVE-2011-1530 (The process_tgs_req function in do_tgs_req.c in the Key Distribution ...)
-	- krb5 <unfixed>
+	- krb5 1.10+dfsg~alpha1-7
 	[squeeze] - krb5 <not-affected> (Only affecs 1.9 and higher)
 	[lenny] - krb5 <not-affected> (Only affecs 1.9 and higher)
 CVE-2011-1529 (The lookup_lockout_policy function in the Key Distribution Center ...)


