[Secure-testing-commits] r20917 - data/CVE
Reinhard Tartler
siretart at alioth.debian.org
Mon Jan 14 11:18:29 UTC 2013
Author: siretart
Date: 2013-01-14 11:18:29 +0000 (Mon, 14 Jan 2013)
New Revision: 20917
Modified:
data/CVE/list
Log:
notes about CVE-2012-5144
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-14 09:13:41 UTC (rev 20916)
+++ data/CVE/list 2013-01-14 11:18:29 UTC (rev 20917)
@@ -5939,7 +5939,9 @@
CVE-2012-5144 (Google Chrome before 23.0.1271.97 does not properly perform AAC ...)
- chromium-browser <unfixed>
- ffmpeg <removed>
- - libav <unfixed> (bug #694483)
+ - libav 6:0.8.5-1 (bug #694483)
+ NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646 is supposed to fix this.
+ NOTE: Upstream has a sample, but can only be reproduced with asan/tsan. However, Chrome seems to be affected by this somehow more directly.
CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote ...)
- chromium-browser <unfixed>
CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle history ...)
More information about the Secure-testing-commits
mailing list