[Secure-testing-commits] r28112 - data/CVE

Reinhard Tartler siretart at moszumanska.debian.org
Wed Aug 6 10:40:13 UTC 2014


Author: siretart
Date: 2014-08-06 10:40:13 +0000 (Wed, 06 Aug 2014)
New Revision: 28112

Modified:
   data/CVE/list
Log:
CVE-2014-2098

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-06 10:27:28 UTC (rev 28111)
+++ data/CVE/list	2014-08-06 10:40:13 UTC (rev 28112)
@@ -7566,8 +7566,10 @@
 	NOTE: [Anton] appears to not be present in any version of libav
 CVE-2014-2098 (libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect ...)
 	- ffmpeg <not-affected> (Vulnerable code not present)
-	- libav <not-affected> (Vulnerable code not present)
-	NOTE: [Anton] appears to not be present in any version of libav
+	- libav <unfixed>
+	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=849b9d34 (master)
+	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6be5a3c0 (release/10)
+	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=36d8914f (release/9)
 CVE-2014-2097 (The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before ...)
 	- ffmpeg <not-affected> (Vulnerable code not present)
 	- libav <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list