[Secure-testing-commits] r21137 - data/CVE

Reinhard Tartler siretart at alioth.debian.org
Mon Feb 4 06:34:57 UTC 2013 

Author: siretart
Date: 2013-02-04 06:34:56 +0000 (Mon, 04 Feb 2013)
New Revision: 21137

Modified:
   data/CVE/list
Log:
updates for ffmpeg (i.e., libav in disguise) for squeeze

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-04 06:17:23 UTC (rev 21136)
+++ data/CVE/list	2013-02-04 06:34:56 UTC (rev 21137)
@@ -13172,18 +13172,18 @@
 CVE-2012-2780
 	RESERVED
 CVE-2012-2779 (Unspecified vulnerability in the decode_frame function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
+	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2778
 	RESERVED
 CVE-2012-2777 (Unspecified vulnerability in the decode_pic function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
+	[squeeze] - ffmpeg 4:0.5.9-1 (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2776 (Unspecified vulnerability in the decode_cell_data function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
+	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2775 (Unspecified vulnerability in the read_var_block_data function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
+	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2774 (The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg ...)
 	- ffmpeg <not-affected> (there is no crash, just a couple uninitialized reads, harmless according to Janne)
@@ -13193,7 +13193,7 @@
 CVE-2012-2773
 	RESERVED
 CVE-2012-2772 (Unspecified vulnerability in the ff_rv34_decode_frame function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
+	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2771
 	RESERVED
@@ -17940,7 +17940,7 @@
 	- ffmpeg <removed>
 CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before ...)
 	- libav 4:0.8.1-1
-	- ffmpeg <removed>
+	[squeeze] - ffmpeg 4:0.5.9-1
 CVE-2012-0857 (Multiple buffer overflows in the get_qcx function in the J2K decoder ...)
 	- libav <not-affected> (Vulnerable code not present)
 	- ffmpeg <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list