[Secure-testing-commits] r28176 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 10 05:27:32 UTC 2014
Author: carnil
Date: 2014-08-10 05:27:32 +0000 (Sun, 10 Aug 2014)
New Revision: 28176
Modified:
data/CVE/list
Log:
Revert "CVE-2013-0848 libav"
This reverts commit e588554cf12e6f115870b048651c0acabf7c64b3.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-10 05:27:14 UTC (rev 28175)
+++ data/CVE/list 2014-08-10 05:27:32 UTC (rev 28176)
@@ -30410,9 +30410,10 @@
NOTE: Needed in ffmpeg 0.5
CVE-2013-0848 (The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ...)
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- [wheezy] - libav 6:0.8.15-1
+ - libav <undetermined>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
NOTE: Needed in ffmpeg 0.5
+ NOTE: Unclear if this really affects libav due to different code, need to find a test case in form of a sample
CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before ...)
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
- libav <not-affected> (Code in libav is different, read_ttag)
More information about the Secure-testing-commits
mailing list