[Secure-testing-commits] r28295 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Aug 15 14:27:34 UTC 2014
Author: jmm
Date: 2014-08-15 14:27:34 +0000 (Fri, 15 Aug 2014)
New Revision: 28295
Modified:
data/CVE/list
Log:
three new chromium issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-15 14:26:50 UTC (rev 28294)
+++ data/CVE/list 2014-08-15 14:27:34 UTC (rev 28295)
@@ -5101,11 +5101,14 @@
CVE-2014-3168
RESERVED
CVE-2014-3167 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- TODO: check
+ - chromium-browser <unfixed>
+ [squeeze] - chromium-browser <end-of-life>
CVE-2014-3166 (The Public Key Pinning (PKP) implementation in Google Chrome before ...)
- TODO: check
+ - chromium-browser <unfixed>
+ [squeeze] - chromium-browser <end-of-life>
CVE-2014-3165 (Use-after-free vulnerability in ...)
- TODO: check
+ - chromium-browser <unfixed>
+ [squeeze] - chromium-browser <end-of-life>
CVE-2014-3164
RESERVED
CVE-2014-3163
@@ -21243,7 +21246,7 @@
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
CVE-2013-4263 (libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote ...)
- ffmpeg <not-affected> (Affected video filters not present in ffmpeg 0.5)
- - libav <not-affected>
+ - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
NOTE: [Anton] the report and the fix appear completely bogus, likely working around bugs from completely different parts of the code; most probably not present in any libav release
CVE-2013-4262 (svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile ...)
More information about the Secure-testing-commits
mailing list