[Secure-testing-commits] r25531 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Wed Feb 5 21:14:11 UTC 2014 

Author: joeyh
Date: 2014-02-05 21:14:11 +0000 (Wed, 05 Feb 2014)
New Revision: 25531

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-05 18:32:06 UTC (rev 25530)
+++ data/CVE/list	2014-02-05 21:14:11 UTC (rev 25531)
@@ -365,6 +365,7 @@
 	- openssh <not-affected> (J-PAKE not activated)
 CVE-2014-1691 [Possible remote code execution on horde3]
 	RESERVED
+	{DSA-2853-1}
 	- horde3 <removed> (medium; bug #737149)
 	- php-horde-util 2.3.0-1
 	NOTE: https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3
@@ -2627,7 +2628,7 @@
 	- libav <unfixed>
 	- ffmpeg <removed>
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
-        NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=82b9799bb211ecd117171115e4a8b832c4942314
+	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=82b9799bb211ecd117171115e4a8b832c4942314
 CVE-2012-6616 (The mov_text_decode_frame function in libavcodec/movtextdec.c in ...)
 	- libav <not-affected> (Vulnerable code not present in libav)
 	- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
@@ -3819,12 +3820,14 @@
 	NOTE: https://trac.ffmpeg.org/ticket/2848
 	NOTE: Only present in libav trunk
 CVE-2013-7015 (The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg ...)
+	{DSA-2855-1}
 	- ffmpeg <removed>
 	- libav 6:9.11-1
 	NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/880c73cd76109697447fbfbaa8e5ee5683309446
 	NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=57070b1468edc6ac8cb3696c817f3c943975d4c1
 	NOTE: https://trac.ffmpeg.org/ticket/2844
 CVE-2013-7014 (Integer signedness error in the add_bytes_l2_c function in ...)
+	{DSA-2855-1}
 	- ffmpeg <not-affected> (Vulnerable code not present)
 	- libav 6:9.11-1
 	NOTE: https://trac.ffmpeg.org/ticket/2919
@@ -3848,6 +3851,7 @@
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
 	NOTE: https://trac.ffmpeg.org/ticket/2906
 CVE-2013-7010 (Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg ...)
+	{DSA-2855-1}
 	- ffmpeg <removed>
 	- libav 6:9.11-1
 	NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
@@ -4600,10 +4604,12 @@
 	RESERVED
 CVE-2014-0045
 	RESERVED
+	{DSA-2854-1}
 	- mumble <unfixed> (bug #737739)
 	[squeeze] - mumble <not-affected> (Opus support not present)
 CVE-2014-0044
 	RESERVED
+	{DSA-2854-1}
 	- mumble <unfixed> (bug #737739)
 	[squeeze] - mumble <not-affected> (Opus support not present)
 CVE-2014-0043
@@ -20744,6 +20750,7 @@
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=96f452ac647dae33c53c242ef3266b65a9beafb6
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a943a132f36f4df8fe2f749744677b71984abce7
 CVE-2013-0865 (The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg ...)
+	{DSA-2855-1}
 	- ffmpeg <removed>
 	- libav 6:9.8-1 (bug #717009)
 	NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=f7d18deb73d1dd1b27b2c7062c9a10d168a6c62a
@@ -20823,6 +20830,7 @@
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6c184880ee2e09fd68c0ae217173832cee5afc1
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6e5cdf26281945ddea3aaf5eca4d127791f23ca8
 CVE-2013-0849 (The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg ...)
+	{DSA-2855-1}
 	- ffmpeg <removed>
 	- libav 6:9.3-1 (bug #717009)
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3ae610451170cd5a28b33950006ff0bd23036845
@@ -20840,6 +20848,7 @@
 	- libav <not-affected> (Code in libav is different, read_ttag)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=10416a4d56fa8a89784e4fb62099c3cab17a9952
 CVE-2013-0846 (Array index error in the qdm2_decode_super_block function in ...)
+	{DSA-2855-1}
 	- ffmpeg <removed>
 	- libav 6:9.3-1 (bug #717009)
 	NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
@@ -20847,6 +20856,7 @@
 	NOTE: Needed for ffmpeg 0.5
 	NOTE: Pending for 0.8.10
 CVE-2013-0845 (libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to ...)
+	{DSA-2855-1}
 	- ffmpeg <not-affected> (MPEG-4 ALS decoder not present in ffmpeg/0.5)
 	- libav 6:9.11-1
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0ceca269b66ec12a23bf0907bd2c220513cdbf16
@@ -43440,6 +43450,7 @@
 	- libav 4:0.8.1-1
 	- ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2011-3944 (The smacker_decode_header_tree function in libavcodec/smacker.c in ...)
+	{DSA-2855-1}
 	- libav 6:9.10-1
 	- ffmpeg <removed>
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commitdiff;h=0679cec6e8802643bbe6d5f68ca1110a7d3171da

More information about the Secure-testing-commits mailing list