[Secure-testing-commits] r28324 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Aug 18 09:10:58 UTC 2014
Author: jmm
Date: 2014-08-18 09:10:58 +0000 (Mon, 18 Aug 2014)
New Revision: 28324
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
take xen and cacti
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-18 04:49:35 UTC (rev 28323)
+++ data/CVE/list 2014-08-18 09:10:58 UTC (rev 28324)
@@ -12967,7 +12967,6 @@
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
- NOTE: fixed in experimental upload 6:11~alpha2-1, check and merge when upload to unstable
CVE-2013-7019 (The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
@@ -30628,7 +30627,6 @@
- libav 6:0.8.8-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=cfbd98abe82cfcb9984a18d08697251b72b110c8
- NOTE: Needed in ffmpeg 0.5
CVE-2013-0853 (The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg ...)
{DSA-2793-1}
- ffmpeg <not-affected> (Vulnerability introduced later)
@@ -30660,14 +30658,12 @@
- libav 6:9.3-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3ae610451170cd5a28b33950006ff0bd23036845
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=488f87be873506abb01d67708a67c10a4dd29283
- NOTE: Needed in ffmpeg 0.5
CVE-2013-0848 (The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ...)
{DSA-3003-1}
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a7153444df9040bf6ae103e0bbf6104b66f974cb
- NOTE: Needed in ffmpeg 0.5
CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before ...)
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
- libav <not-affected> (Code in libav is different, read_ttag)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-08-18 04:49:35 UTC (rev 28323)
+++ data/dsa-needed.txt 2014-08-18 09:10:58 UTC (rev 28324)
@@ -15,7 +15,7 @@
--
asterisk
--
-cacti
+cacti (jmm)
--
file
--
@@ -43,5 +43,5 @@
--
qemu-kvm (jmm)
--
-xen
+xen (jmm)
--
More information about the Secure-testing-commits
mailing list