[Secure-testing-commits] r23369 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Aug 21 07:01:13 UTC 2013
Author: jmm
Date: 2013-08-21 07:01:12 +0000 (Wed, 21 Aug 2013)
New Revision: 23369
Modified:
data/CVE/list
Log:
three new ffmpeg issues, none affect oldstable, one potentially
affects libav
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-21 06:27:49 UTC (rev 23368)
+++ data/CVE/list 2013-08-21 07:01:12 UTC (rev 23369)
@@ -1,3 +1,15 @@
+CVE-2013-XXXX [g2meet out of array write]
+ - ffmpeg <not-affected> (g2meet codec not present in 0.5 ffmpeg)
+ - libav <not-affected> (g2meet codec not present in libav)
+ NOTE: https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
+CVE-2013-XXXX [libavfilter out of array writes]
+ - ffmpeg <not-affected> (Affected video filters not present in ffmpeg 0.5)
+ - libav <unfixed>
+ NOTE: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
+CVE-2013-XXXX [av_reallocp_array]
+ - ffmpeg <not-affected> (Affected function codec not present in 0.5 ffmpeg)
+ - libav <not-affected> (Affected function not present in libav)
+ NOTE: https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55
CVE-2013-5313 (Cross-site request forgery (CSRF) vulnerability in ...)
TODO: check
CVE-2013-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech ...)
More information about the Secure-testing-commits
mailing list