[Secure-testing-commits] r28197 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Sun Aug 10 21:14:11 UTC 2014
Author: joeyh
Date: 2014-08-10 21:14:11 +0000 (Sun, 10 Aug 2014)
New Revision: 28197
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-10 21:05:49 UTC (rev 28196)
+++ data/CVE/list 2014-08-10 21:14:11 UTC (rev 28197)
@@ -60,22 +60,27 @@
RESERVED
CVE-2014-5165 [wireshark: ASN.1 BER dissector crash]
RESERVED
+ {DSA-3002-1}
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-11.html
CVE-2014-5164 [wireshark: RLC dissector crash]
RESERVED
+ {DSA-3002-1}
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-10.html
CVE-2014-5163 [wirehark: GTP and GSM Management dissectors crash]
RESERVED
+ {DSA-3002-1}
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-09.html
CVE-2014-5162 [wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun]
RESERVED
+ {DSA-3002-1}
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
CVE-2014-5161 [wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun]
RESERVED
+ {DSA-3002-1}
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
CVE-2014-5160
@@ -7307,7 +7312,7 @@
CVE-2014-2263 (The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) ...)
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <unfixed>
- NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257
+ NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257
CVE-2014-2262 (Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS ...)
NOT-FOR-US: Base SAS
CVE-2014-2261
@@ -22575,7 +22580,7 @@
- ffmpeg <not-affected> (CD Graphics Video Decoder not present in 0.5 ffmpeg)
- libav <unfixed>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ef2dbd2392e3e4d430e0173e1e5c4df9f18b6dd
- NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a1599f3f7ea8478d1f6a95e59e3bc6bc86d5f812
+ NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a1599f3f7ea8478d1f6a95e59e3bc6bc86d5f812
CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
@@ -22583,7 +22588,7 @@
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <unfixed>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7fa6db2545643efb4fe2e0bb501fa50af35a6330
- NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=70cd3b8e659c3522eea5c16a65d14b8658894a94
+ NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=70cd3b8e659c3522eea5c16a65d14b8658894a94
CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 1.2.1 ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
@@ -30412,7 +30417,7 @@
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <unfixed>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
- NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a7153444df9040bf6ae103e0bbf6104b66f974cb
+ NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a7153444df9040bf6ae103e0bbf6104b66f974cb
NOTE: Needed in ffmpeg 0.5
CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before ...)
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
More information about the Secure-testing-commits
mailing list