[Secure-testing-commits] r24326 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Nov 8 05:49:55 UTC 2013
Author: jmm
Date: 2013-11-08 05:49:55 +0000 (Fri, 08 Nov 2013)
New Revision: 24326
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
new openssh issue (testing/sid only)
libav updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-07 21:47:30 UTC (rev 24325)
+++ data/CVE/list 2013-11-08 05:49:55 UTC (rev 24326)
@@ -1,3 +1,7 @@
+CVE-2013-XXXX [openssh AES_GCM memory corruption]
+ - openssh <unfixed> (bug #729029)
+ [wheezy] - openssh <not-affected> (AES-GCM support introduced in 6.2)
+ [squeeze] - openssh <not-affected> (AES-GCM support introduced in 6.2)
CVE-2013-6616
RESERVED
CVE-2013-6615
@@ -14833,12 +14837,14 @@
- libav 6:9.9-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=13451f5520ce6b0afde861b2285dda659f8d4fb4
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=50cf5a7fb78846fc39b3ecdaa896a10bcd74da2a
+ NOTE: Fixed in 0.8.9
CVE-2013-0857 [libavcodec/iff.c]
RESERVED
- ffmpeg <not-affected> (IFF PBM/ILBM bitmap decoder not present in 0.5 ffmpeg)
- libav 6:9.9-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2fbb37b51bbea891392ad357baf8f3dff00bac05
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=7d65e960c72f36b73ae7fe84f8e427d758e61da9
+ NOTE: Fixed in 0.8.9
CVE-2013-0856 [libavcodec/alac.c]
RESERVED
- ffmpeg <removed>
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2013-11-07 21:47:30 UTC (rev 24325)
+++ data/dsa-needed.txt 2013-11-08 05:49:55 UTC (rev 24326)
@@ -80,6 +80,8 @@
--
srtp (nion)
--
+sup-mail
+--
tomcat7/stable (jmm)
--
vlc
More information about the Secure-testing-commits
mailing list