[Secure-testing-commits] r28077 - data/CVE
Reinhard Tartler
siretart at moszumanska.debian.org
Mon Aug 4 12:48:25 UTC 2014
Author: siretart
Date: 2014-08-04 12:48:24 +0000 (Mon, 04 Aug 2014)
New Revision: 28077
Modified:
data/CVE/list
Log:
CVE-2013-0868 libav
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-04 12:48:17 UTC (rev 28076)
+++ data/CVE/list 2014-08-04 12:48:24 UTC (rev 28077)
@@ -30234,10 +30234,9 @@
NOTE: Fix needed in ffmpeg 0.5
CVE-2013-0868 (libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers ...)
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- - libav <undetermined>
+ - libav 6:10.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
- NOTE: libav and ffmpeg code bases have diverged too much, unclear whether libav is affected
CVE-2013-0867 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Code in libav is different/not affect as per libav h264 maintainer)
More information about the Secure-testing-commits
mailing list