[Secure-testing-commits] r28286 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 14 20:06:48 UTC 2014
Author: jmm
Date: 2014-08-14 20:06:48 +0000 (Thu, 14 Aug 2014)
New Revision: 28286
Modified:
data/CVE/list
Log:
ganeti CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-14 13:50:25 UTC (rev 28285)
+++ data/CVE/list 2014-08-14 20:06:48 UTC (rev 28286)
@@ -152,7 +152,7 @@
- cacti <unfixed>
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
NOTE: CVE id requested via oss-sec, maintainer in the loop
-CVE-2014-XXXX [insecure archive permission]
+CVE-2014-5247 [insecure archive permission]
- ganeti 2.11.5-1
[wheezy] - ganeti <not-affected> (Vulnerable code not present)
[squeeze] - ganeti <not-affected> (Vulnerable code not present)
@@ -12913,9 +12913,8 @@
NOTE: https://trac.ffmpeg.org/ticket/2905
CVE-2013-7020 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- - libav <undetermined>
+ - libav <unfixed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
- NOTE: libav and ffmpeg code bases have diverged too much, unclear whether libav is affected
NOTE: fixed in experimental upload 6:11~alpha2-1, check and merge when upload to unstable
CVE-2013-7019 (The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list