[Secure-testing-commits] r28232 - data/CVE

Reinhard Tartler siretart at moszumanska.debian.org
Tue Aug 12 11:29:45 UTC 2014


Author: siretart
Date: 2014-08-12 11:29:45 +0000 (Tue, 12 Aug 2014)
New Revision: 28232

Modified:
   data/CVE/list
Log:
CVE-2013-4263 libav

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-12 09:24:17 UTC (rev 28231)
+++ data/CVE/list	2014-08-12 11:29:45 UTC (rev 28232)
@@ -21075,9 +21075,9 @@
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
 CVE-2013-4263 (libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote ...)
 	- ffmpeg <not-affected> (Affected video filters not present in ffmpeg 0.5)
-	- libav <undetermined>
+	- libav <not-affected>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
-	NOTE: libav and ffmpeg code bases have diverged too much, unclear whether libav is affected
+	NOTE: [Anton] the report and the fix appear completely bogus, likely working around bugs from completely different parts of the code; most probably not present in any libav release
 CVE-2013-4262 (svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile ...)
 	- subversion 1.8.5-1 (unimportant)
 	NOTE: Optional admin-side utilities in Subversion 1.8.x




More information about the Secure-testing-commits mailing list