[Secure-testing-commits] r17221 - in data: CVE DSA

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-09-12 17:20:36 +0000 (Mon, 12 Sep 2011)
New Revision: 17221

Modified:
   data/CVE/list
   data/DSA/list
Log:
updates for ffmpeg, another issue was fixed in 0.5.4


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-12 17:16:21 UTC (rev 17220)
+++ data/CVE/list	2011-09-12 17:20:36 UTC (rev 17221)
@@ -5884,8 +5884,7 @@
 	- chromium-browser 10.0.648.127~r76697-1
 	[squeeze] - chromium-browser <not-affected>
 	[wheezy] - chromium-browser <not-affected>
-	- libav <undetermined>
-	TODO: need info on ffmpeg/libav
+	- libav <not-affected> (Specific to ffmpeg-mt)
 CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table ...)
 	{DSA-2189-1}
 	- chromium-browser 10.0.648.127~r76697-1
@@ -5895,8 +5894,8 @@
 	- chromium-browser 10.0.648.127~r76697-1
 	[squeeze] - chromium-browser <not-affected>
 	[wheezy] - chromium-browser <not-affected>
-	- libav <undetermined>
-	TODO: need info on ffmpeg/libav
+	- libav 4:0.7.1-1
+	NOTE: Info from maintainer: the patch does not apply 0.5, and I failed to reproduce
 CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...)
 	- chromium-browser 10.0.648.127~r76697-1
 	[squeeze] - chromium-browser <not-affected>

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-09-12 17:16:21 UTC (rev 17220)
+++ data/DSA/list	2011-09-12 17:20:36 UTC (rev 17221)
@@ -6,7 +6,7 @@
 	{CVE-2011-2359 CVE-2011-2800 CVE-2011-2818 }
 	[squeeze] - chromium-browser 6.0.472.63~r59945-5+squeeze6
 [11 Sep 2011] DSA-2306-1 ffmpeg - several
-	{CVE-2010-3908 CVE-2010-4704 CVE-2011-0480 CVE-2011-0722 CVE-2011-0723 }
+	{CVE-2010-3908 CVE-2010-4704 CVE-2011-0480 CVE-2011-0722 CVE-2011-0723 CVE-2011-2161}
 	[squeeze] - ffmpeg 4:0.5.4-1
 [11 Sep 2011] DSA-2304-1 squid3 - buffer overflow
 	{CVE-2011-3205}