[Secure-testing-commits] r25362 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jan 24 20:38:31 UTC 2014


Author: jmm
Date: 2014-01-24 20:38:31 +0000 (Fri, 24 Jan 2014)
New Revision: 25362

Modified:
   data/CVE/list
Log:
ffmpeg/libav


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-24 18:11:56 UTC (rev 25361)
+++ data/CVE/list	2014-01-24 20:38:31 UTC (rev 25362)
@@ -26042,10 +26042,9 @@
 CVE-2012-5144 (Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and ...)
 	- chromium-browser 24.0.1312.68-1
 	[squeeze] - chromium-browser <end-of-life>
-	- ffmpeg <removed>
+	- ffmpeg <not-affected> (Vulnerable code not present)
 	- libav 6:0.8.5-1 (bug #694483)
-	NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646 is supposed to fix this.
-	NOTE: Upstream has a sample, but can only be reproduced with asan/tsan. However, Chrome seems to be affected by this somehow more directly.
+	NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646
 CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote ...)
 	- chromium-browser 24.0.1312.68-1
 	[squeeze] - chromium-browser <end-of-life>
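Review bot: The new "- ffmpeg <not-affected> (Vulnerable code not present)" line for CVE-2012-5144 does not say which ffmpeg source version was inspected, so the claim cannot be re-checked from the entry alone; a short NOTE naming the version looked at would fix that. The removed NOTE about the upstream sample only reproducing under asan/tsan was the only reproduction hint on this entry, and a shortened form of it is worth keeping next to the fix URL.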
@@ -42894,7 +42893,10 @@
 CVE-2011-3942
 	RESERVED
 CVE-2011-3941 (The decode_mb function in libavcodec/error_resilience.c in FFmpeg ...)
-	TODO: check
+	- libav 4:0.8.1-1
+	- ffmpeg <removed>
+	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6193ff68549ecbaf1a4d63a0e06964ec580ac620
+	NOTE: Needed for ffmpeg 0.5
 CVE-2011-3940 (nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before ...)
 	{DSA-2471-1}
 	- libav 4:0.8.1-1
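Review bot: "NOTE: Needed for ffmpeg 0.5" on CVE-2011-3941 sits directly under "- ffmpeg <removed>", and it is not clear whether it records an open backport for a suite that still ships ffmpeg 0.5 or only describes where the vulnerable code exists. If a supported suite is affected, a suite-tagged line in the style of "[squeeze] - chromium-browser <end-of-life>" used earlier in this file states that more precisely than a free-text NOTE. Minor style point: this hunk writes "Fix in libav:" with an a=commit URL, while the CVE-2012-5144 entry in the same commit writes "libav fix:" with an a=commitdiff URL; one form for both would be easier to grep.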
@@ -42913,6 +42915,7 @@
 CVE-2011-3935 (The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ...)
 	- libav <unfixed>
 	- ffmpeg <removed>
+	NOTE: Seems needed for libav in cmdutils.c
 CVE-2011-3934 (Double free vulnerability in the vp3_update_thread_context function in ...)
 	- libav <unfixed>
 	- ffmpeg <removed>
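Review bot: "NOTE: Seems needed for libav in cmdutils.c" on CVE-2011-3935 is tentative and carries no reference, unlike the other two entries touched in this commit, which link the libav fix. The CVE text names codec_get_buffer in ffmpeg.c, so the note should say what in cmdutils.c corresponds to it and, if one exists, give the upstream commit URL, since libav stays "<unfixed>" and the next person triaging will need that pointer.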



