[Secure-testing-commits] r26731 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2014-04-28 17:02:56 +0000 (Mon, 28 Apr 2014)
New Revision: 26731

Modified:
   data/CVE/list
Log:
add missing eol notes for ffmpeg/oldstable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-04-28 17:00:53 UTC (rev 26730)
+++ data/CVE/list	2014-04-28 17:02:56 UTC (rev 26731)
@@ -24458,7 +24458,7 @@
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
 	NOTE: libav and ffmpeg code bases have diverged too much, unclear whether libav is affected
 CVE-2013-0867 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
-	- ffmpeg <removed>
+	- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav <not-affected> (Code in libav is different/not affect as per libav h264 maintainer)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
 CVE-2013-0866 (The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before ...)
@@ -47116,7 +47116,7 @@
 CVE-2011-3944 (The smacker_decode_header_tree function in libavcodec/smacker.c in ...)
 	{DSA-2855-1}
 	- libav 6:9.10-1
-	- ffmpeg <removed>
+	- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commitdiff;h=0679cec6e8802643bbe6d5f68ca1110a7d3171da
 CVE-2011-3943
 	RESERVED
@@ -47124,9 +47124,8 @@
 	RESERVED
 CVE-2011-3941 (The decode_mb function in libavcodec/error_resilience.c in FFmpeg ...)
 	- libav 4:0.8.1-1
-	- ffmpeg <removed>
+	- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6193ff68549ecbaf1a4d63a0e06964ec580ac620
-	NOTE: Needed for ffmpeg 0.5
 CVE-2011-3940 (nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before ...)
 	{DSA-2471-1}
 	- libav 4:0.8.1-1