[Secure-testing-commits] r16022 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Feb 1 03:59:54 UTC 2011
Author: gilbert-guest
Date: 2011-02-01 03:59:48 +0000 (Tue, 01 Feb 2011)
New Revision: 16022
Modified:
data/CVE/list
Log:
current ffmpeg not affected; poppler is vulnerable to new issues; xpdf uses poppler
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-31 23:11:23 UTC (rev 16021)
+++ data/CVE/list 2011-02-01 03:59:48 UTC (rev 16022)
@@ -470,8 +470,9 @@
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...)
- - ffmpeg <unfixed> (bug #610550)
- - ffmpeg-debian <removed>
+ - ffmpeg <not-affected> (webm not yet supported; bug #610550)
+ - ffmpeg-debian <not-affected> (webm not supported yet)
+ TODO: recheck newer versions (see bug)
CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
@@ -1032,17 +1033,15 @@
CVE-2010-4654
RESERVED
- kdegraphics 4.0
- - xpdf <unfixed>
- - poppler <undetermined>
+ - xpdf 3.02-9
+ - poppler <unfixed>
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9
- TODO: check
CVE-2010-4653
RESERVED
- kdegraphics 4.0
- - xpdf <unfixed>
+ - xpdf 3.02-9
- poppler <unfixed>
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659
- TODO: check
CVE-2010-4652 [buffer overflow when preparing SQL queries]
RESERVED
- proftpd-dfsg 1.3.3a-6
More information about the Secure-testing-commits
mailing list