[Secure-testing-commits] r25009 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 2 07:41:58 UTC 2014
Author: jmm
Date: 2014-01-02 07:41:58 +0000 (Thu, 02 Jan 2014)
New Revision: 25009
Modified:
data/CVE/list
Log:
more ffmpeg/libav issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-02 07:34:59 UTC (rev 25008)
+++ data/CVE/list 2014-01-02 07:41:58 UTC (rev 25009)
@@ -100,15 +100,19 @@
CVE-2013-7197
RESERVED
CVE-2012-6618 (The av_probe_input_buffer function in libavformat/utils.c in FFmpeg ...)
- TODO: check
+ - libav <unfixed>
+ - ffmpeg <removed>
+ NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
CVE-2012-6617 (The prepare_sdp_description function in ffserver.c in FFmpeg before ...)
- libav <unfixed>
- ffmpeg <removed>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
CVE-2012-6616 (The mov_text_decode_frame function in libavcodec/movtextdec.c in ...)
- TODO: check
+ - libav <not-affected> (Vulnerable code not present in libav)
+ - ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
CVE-2012-6615 (The ff_ass_split_override_codes function in libavcodec/ass_split.c in ...)
- TODO: check
+ - libav <not-affected> (Vulnerable code not present in libav)
+ - ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
CVE-2011-5268 (connection.c in Bip before 0.8.9 does not properly close sockets, ...)
- bip 0.8.9-1
[squeeze] - bip <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list