[Secure-testing-commits] r18038 - data/CVE doc
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Jan 5 00:29:23 UTC 2012
Author: gilbert-guest
Date: 2012-01-05 00:29:22 +0000 (Thu, 05 Jan 2012)
New Revision: 18038
Modified:
data/CVE/list
doc/narrative_introduction
Log:
libav mainainers indicate that individual CVEs should be submitted as separate bugs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-04 21:50:25 UTC (rev 18037)
+++ data/CVE/list 2012-01-05 00:29:22 UTC (rev 18038)
@@ -3864,7 +3864,7 @@
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- ffmpeg <removed>
- - libav <unfixed> (bug #654534)
+ - libav <unfixed> (bug #654534; bug #654573)
CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
@@ -3872,7 +3872,7 @@
CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- - libav <unfixed> (bug #654534)
+ - libav <unfixed> (bug #654534; bug #654572)
- ffmpeg <removed>
[squeeze] - chromium-browser <not-affected>
NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554
@@ -3882,7 +3882,7 @@
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
- - libav <unfixed> (bug #654534)
+ - libav <unfixed> (bug #654534; bug #654571)
- ffmpeg <removed>
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
Modified: doc/narrative_introduction
===================================================================
--- doc/narrative_introduction 2012-01-04 21:50:25 UTC (rev 18037)
+++ doc/narrative_introduction 2012-01-05 00:29:22 UTC (rev 18038)
@@ -272,6 +272,7 @@
indicated a preference for only one issue per bug report. The following
is a list of packages for which each CVE should be reported separately:
- php5
+ - libav
A special exception is made for kernel related issues. The kernel-sec group
will take care of them. It is not necessary to file bugs in the BTS for kernel
More information about the Secure-testing-commits
mailing list