[Secure-testing-commits] r22953 - data/CVE

Arne Wichmann aw-guest at alioth.debian.org
Tue Jul 16 00:45:17 UTC 2013 

Author: aw-guest
Date: 2013-07-16 00:45:17 +0000 (Tue, 16 Jul 2013)
New Revision: 22953

Modified:
   data/CVE/list
Log:
CVE-2013-0845 - CVE-2013-0874, CVE-2013-3670, CVE-2013-3672, CVE-2013-3674:
  doublechecked, bug reported


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-15 21:14:27 UTC (rev 22952)
+++ data/CVE/list	2013-07-16 00:45:17 UTC (rev 22953)
@@ -2511,7 +2511,7 @@
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
 CVE-2013-3674 (The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg ...)
 	- ffmpeg <not-affected> (CD Graphics Video Decoder not present in 0.5 ffmpeg)
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ad002e1a13a8df934bd6cb2c84175a4780ab8942
 CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg ...)
 	- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
@@ -2519,7 +2519,7 @@
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d23b8462b5a4a9da78ed45c4a7a3b35d538df909
 CVE-2013-3672 (The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg ...)
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8d3c99e825317b7efda5fd12e69896b47c700303
 CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 1.2.1 ...)
 	- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
@@ -2527,11 +2527,12 @@
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7edb984dd051b6919d7d8471c70499273f31b0fa
 CVE-2013-3670 (The rle_unpack function in vmdav.c in libavcodec in FFmpeg git ...)
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
 	NOTE: These are likely the libav commits:
 	NOTE: http://git.libav.org/?p=libav.git;a=commit;h=701966730ce10290fd49c5ccedd73f505680f764
 	NOTE: http://git.libav.org/?p=libav.git;a=commit;h=676da248cad49debc40720baa13214f0b94dcc71
+	NOTE: given libav commits fix different things AFAICS
 CVE-2013-3669
 	RESERVED
 CVE-2013-3668
@@ -9861,17 +9862,18 @@
 CVE-2013-0874 [libavcodec/tiff.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
-	TODO: check
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e1219cdaf9fb4bc8cea410e1caf802373c1bfe51
 	NOTE: Is that the relevant libav commit? 
 	NOTE: http://git.libav.org/?p=libav.git;a=commit;h=9c2216976907336dfae0e8e38a4d70ca2465a92c
+	NOTE: looks invalid - relevant code fragment is not present in libav
 CVE-2013-0873 [libavcodec/shorten.c freeing invalid addresses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: Commit in libav: http://git.libav.org/?p=libav.git;a=commit;h=c10da30d8426a1f681d99a780b6e311f7fb4e5c5
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4f1279154ee9baf2078241bf5619774970d18b25
+	TODO: this pactch seems to be applied, please doublecheck
 CVE-2013-0872 [libswresample/swresample.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (libswresample not yet present in ffmpeg/0.5)
@@ -9884,36 +9886,40 @@
 CVE-2013-0870 [libavcodec/vp3.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=14c8ee00ffd9d45e6e0c6f11a957ce7e56f7eb3a
+	NOTE: looks invalid - relevant code fragment is not present in libav
 CVE-2013-0869 [libavcodec/h264.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: That should be the equivalent libav fix: http://git.libav.org/?p=libav.git;a=commit;h=706acb558a38eba633056773280155d66c2f4b24
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=695af8eed642ff0104834495652d1ee784a4c14d
+	TODO: this pactch seems to be applied, please doublecheck
 CVE-2013-0868 [libavcodec/huffyuvdec.c out of array writes]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
 CVE-2013-0867 [libavcodec/h264.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
 CVE-2013-0866 [libavcodec/aacdec.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=96f452ac647dae33c53c242ef3266b65a9beafb6
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a943a132f36f4df8fe2f749744677b71984abce7
+	TODO: above fix seems to be applied - doublecheck
 CVE-2013-0865 [libavcodec/vqavideo.c out of array writes]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=f7d18deb73d1dd1b27b2c7062c9a10d168a6c62a
+	NOTE: fixed in experimental
 CVE-2013-0864 [libavcodec/gifdec.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
@@ -9932,13 +9938,13 @@
 CVE-2013-0861 [libavcodec/utils.c memory corruption]
 	RESERVED
 	- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	[wheezy] - libav <not-affected> (Affected code not present in libav 0.8.x)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d270c3202539e8364c46410e15f7570800e33343
 CVE-2013-0860 [libavcodec/error_resilience.c state inconsistency and null pointer deref]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=23318a57358358e7a4dc551e830e4503f0638cfe
 CVE-2013-0859 [libavcodec/tiff.c out of array access]
 	RESERVED
@@ -9948,35 +9954,36 @@
 CVE-2013-0858 [libavcodec/atrac3.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=13451f5520ce6b0afde861b2285dda659f8d4fb4
 CVE-2013-0857 [libavcodec/iff.c]
 	RESERVED
 	- ffmpeg <not-affected> (IFF PBM/ILBM bitmap decoder not present in 0.5 ffmpeg)
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2fbb37b51bbea891392ad357baf8f3dff00bac05
 CVE-2013-0856 [libavcodec/alac.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
-	TODO: check
+	- libav <unfixed> (bug #717009)
+	NOTE: checked - seems valid
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fd4f4923cce6a2cbf4f48640b4ac706e614a1594
 CVE-2013-0855 [libavcodec/alac.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
-	TODO: check
+	- libav <unfixed> (bug #717009)
+	NOTE: looks invalid as the problem is checked in alac_set_info - but doublecheck please
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3920d1387834e2bc334aff9f518f4beb24e470bd
 CVE-2013-0854 [libavcodec/mjpegdec.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=cfbd98abe82cfcb9984a18d08697251b72b110c8
+	NOTE: fixed in experimental
 CVE-2013-0853 [libavcodec/wavpack.c out of array access]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=be818df547c3b0ae4fadb50fd210139a8636706a
 	NOTE: Could be fixed by one of the three following commits. Check with upstream:
 	NOTE: http://git.libav.org/?p=libav.git;a=commit;h=fd06291239c1bb616bf303b5696cc432710b2530
@@ -9985,49 +9992,51 @@
 CVE-2013-0852 [libavcodec/pgssubdec.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (PGS subtitle decoder not present)
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: That change seems needed in libav
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061
 CVE-2013-0851 [libavcodec/eamad.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (Electronic Arts Madcow Video decoder not present in ffmpeg 0.5)
-	- libav <unfixed>
-	TODO: check
+	- libav <unfixed> (bug #717009)
+	NOTE: looks valid as "if (buf_size < 17) { ... error... }" but at least buf[21] is used.
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d
 CVE-2013-0850 [libavcodec/h264.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6c184880ee2e09fd68c0ae217173832cee5afc1
 	NOTE: This seems to be the corresponding libav commit: http://git.libav.org/?p=libav.git;a=commit;h=6e5cdf26281945ddea3aaf5eca4d127791f23ca8
+	NOTE: seems fixed in experimental
 CVE-2013-0849 [libavcodec/roqvideodec.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
+	NOTE: fixed in experimental
 	NOTE: No roqvideo-related changes in libav git so far
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3ae610451170cd5a28b33950006ff0bd23036845
 CVE-2013-0848 [libavcodec/huffyuv.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: No related changes in libav git so far
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
 CVE-2013-0847 [libavformat/id3v2.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
-	TODO: check
+	- libav <unfixed> (bug #717009)
+	NOTE: vim '+/while (avio_tell(s->pb) < end' libavformat/id3v2.c # this looks like the equivalent position in libav, and the problem looks solved to me
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=10416a4d56fa8a89784e4fb62099c3cab17a9952
 CVE-2013-0846 [libavcodec/qdm2.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
 	NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=39bec05ed42e505d17877b0c23f16322f9b5883b
 CVE-2013-0845 [libavcodec/alsdec.c]
 	RESERVED
 	- ffmpeg <not-affected> (MPEG-4 ALS decoder not present in ffmpeg/0.5)
-	- libav <unfixed>
+	- libav <unfixed> (bug #717009)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0ceca269b66ec12a23bf0907bd2c220513cdbf16
 	NOTE: No change in libav git
 CVE-2013-0844 [libavcodec/adpcm.c out of array access]

More information about the Secure-testing-commits mailing list