[Secure-testing-commits] r28073 - data/CVE
Reinhard Tartler
siretart at moszumanska.debian.org
Mon Aug 4 12:47:53 UTC 2014
Author: siretart
Date: 2014-08-04 12:47:53 +0000 (Mon, 04 Aug 2014)
New Revision: 28073
Modified:
data/CVE/list
Log:
CVE-2011-3935 libav
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-04 06:23:52 UTC (rev 28072)
+++ data/CVE/list 2014-08-04 12:47:53 UTC (rev 28073)
@@ -52932,9 +52932,11 @@
- libav 4:0.8.1-1
- ffmpeg <removed>
CVE-2011-3935 (The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ...)
- - libav <undetermined>
+ - libav <not-affected>
+ [wheezy] - libav <unfixed>
- ffmpeg <not-affected> (vuln. code not present, introduced later)
NOTE: libav and ffmpeg code bases have diverged too much, unclear whether libav is affected
+ NOTE: [Diego] applies to 0.8 and 9 only, cherrypicked fixes on ML
CVE-2011-3934 (Double free vulnerability in the vp3_update_thread_context function in ...)
- libav <unfixed> (unimportant)
- ffmpeg <removed> (unimportant)
More information about the Secure-testing-commits
mailing list