[Secure-testing-commits] r29104 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 27 11:26:04 UTC 2014


Author: carnil
Date: 2014-09-27 11:26:04 +0000 (Sat, 27 Sep 2014)
New Revision: 29104

Modified:
   data/CVE/list
Log:
Add couple of fixed version entries for ffmpeg in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-27 11:09:53 UTC (rev 29103)
+++ data/CVE/list	2014-09-27 11:26:04 UTC (rev 29104)
@@ -4168,10 +4168,9 @@
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=55000
 CVE-2014-5272 [out of array access]
 	RESERVED
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	- libav <not-affected> (Vulnerable code not present)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770
-	NOTE: new ffmpeg now in experimental, CVE fixed in 7:2.4-1
 	NOTE: <lu_zero> Does not apply to Libav at all.
 CVE-2014-5271 [buffer overflow]
 	RESERVED
@@ -5860,7 +5859,8 @@
 	NOTE: for lz4: https://code.google.com/p/lz4/issues/detail?id=52 and https://code.google.com/p/lz4/source/detail?r=118
 CVE-2014-4610
 	RESERVED
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
+	NOTE: Fixed in http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f53be1743ee
 CVE-2014-4609
 	RESERVED
 	{DSA-2977-1}
@@ -11950,7 +11950,8 @@
 	NOT-FOR-US: Synology DiskStation Manager
 CVE-2014-2263 (The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) ...)
 	{DSA-3003-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 	- libav 6:10.4-1
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257
 CVE-2014-2262 (Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS ...)




More information about the Secure-testing-commits mailing list