[Secure-testing-commits] r23914 - data/CVE

Henri Salo fgeek-guest at alioth.debian.org
Tue Oct 8 14:12:39 UTC 2013


Author: fgeek-guest
Date: 2013-10-08 14:12:39 +0000 (Tue, 08 Oct 2013)
New Revision: 23914

Modified:
   data/CVE/list
Log:
Removed libav BTS references, which was not fixed in that bug item.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-08 10:02:22 UTC (rev 23913)
+++ data/CVE/list	2013-10-08 14:12:39 UTC (rev 23914)
@@ -5465,19 +5465,19 @@
 	- libav <not-affected> (Smush codec not present in libav)
 CVE-2013-3674 (The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg ...)
 	- ffmpeg <not-affected> (CD Graphics Video Decoder not present in 0.5 ffmpeg)
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg ...)
 	- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
 	- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
 CVE-2013-3672 (The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg ...)
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 1.2.1 ...)
 	- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
 	- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
 CVE-2013-3670 (The rle_unpack function in vmdav.c in libavcodec in FFmpeg git ...)
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 CVE-2013-3669
 	RESERVED
 CVE-2013-3668
@@ -13078,13 +13078,13 @@
 CVE-2013-0868 [libavcodec/huffyuvdec.c out of array writes]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
 CVE-2013-0867 [libavcodec/h264.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
 CVE-2013-0866 [libavcodec/aacdec.c out of array accesses]
 	RESERVED
@@ -13118,7 +13118,7 @@
 CVE-2013-0860 [libavcodec/error_resilience.c state inconsistency and null pointer deref]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=23318a57358358e7a4dc551e830e4503f0638cfe
 CVE-2013-0859 [libavcodec/tiff.c out of array access: 6d1c5ea04af3e345232aa70c944de961061dab2d]
 	RESERVED
@@ -13139,7 +13139,7 @@
 CVE-2013-0856 [libavcodec/alac.c]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fd4f4923cce6a2cbf4f48640b4ac706e614a1594
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=78aa2ed620178044a227fbbe48f749c0dc86023f
 CVE-2013-0855 [libavcodec/alac.c out of array accesses]
@@ -13165,13 +13165,13 @@
 CVE-2013-0852 [libavcodec/pgssubdec.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (PGS subtitle decoder not present)
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: That change seems needed in libav
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061
 CVE-2013-0851 [libavcodec/eamad.c out of array accesses]
 	RESERVED
 	- ffmpeg <not-affected> (Electronic Arts Madcow Video decoder not present in ffmpeg 0.5)
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: looks valid as "if (buf_size < 17) { ... error... }" but at least buf[21] is used.
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d
 CVE-2013-0850 [libavcodec/h264.c out of array accesses]
@@ -13190,7 +13190,7 @@
 CVE-2013-0848 [libavcodec/huffyuv.c out of array accesses]
 	RESERVED
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: No related changes in libav git so far
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
 	NOTE: Needed in ffmpeg 0.5
@@ -13209,7 +13209,7 @@
 CVE-2013-0845 [libavcodec/alsdec.c]
 	RESERVED
 	- ffmpeg <not-affected> (MPEG-4 ALS decoder not present in ffmpeg/0.5)
-	- libav <unfixed> (bug #717009)
+	- libav <unfixed>
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0ceca269b66ec12a23bf0907bd2c220513cdbf16
 	NOTE: No change in libav git
 CVE-2013-0844 [libavcodec/adpcm.c out of array access]




More information about the Secure-testing-commits mailing list