[Secure-testing-commits] r29107 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 27 12:13:23 UTC 2014 

Author: carnil
Date: 2014-09-27 12:13:23 +0000 (Sat, 27 Sep 2014)
New Revision: 29107

Modified:
   data/CVE/list
Log:
Add entries form 0.5.4 version

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-27 12:10:05 UTC (rev 29106)
+++ data/CVE/list	2014-09-27 12:13:23 UTC (rev 29107)
@@ -67326,12 +67326,12 @@
 CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote ...)
 	{DSA-2306-1}
 	- libav 4:0.6-1
-	- ffmpeg <removed>
+	- ffmpeg 7:2.4.1-1
 	- ffmpeg-debian <end-of-life>
 CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
 	{DSA-2306-1}
 	- libav 4:0.6-1
-	- ffmpeg <removed>
+	- ffmpeg 7:2.4.1-1
 	- ffmpeg-debian <end-of-life>
 CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in ...)
 	{DSA-2164-1}
@@ -67603,7 +67603,7 @@
 CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...)
 	{DSA-2306-1 DSA-2165-1}
 	- libav 4:0.6.2-1 (low; bug #611495)
-	- ffmpeg <removed> (low; bug #611495)
+	- ffmpeg 7:2.4.1-1 (low; bug #611495)
 	- ffmpeg-debian <removed>
 	NOTE: this is a crash found by fuzzing and not clearly exploitable (can be combined with other fixes so low urgency)
 CVE-2011-XXXX [shibboleth Single TransientID Mapped to Multiple Principals]
@@ -67987,7 +67987,8 @@
 	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...)
 	{DSA-2306-1}
-	- ffmpeg <not-affected> (webm not yet supported)
+	- ffmpeg 7:2.4.1-1
+	[squeeze] - ffmpeg <not-affected> (webm not supported yet)
 	- ffmpeg-debian <not-affected> (webm not supported yet)
 	- libav 4:0.6.1-1 (bug #610550)
 CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
@@ -71441,7 +71442,7 @@
 CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...)
 	{DSA-2306-1}
 	- libav 4:0.6-1
-	- ffmpeg <removed>
+	- ffmpeg 7:2.4.1-1
 	- ffmpeg-debian <end-of-life>
 CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
 	- vlc 1.1.3-1squeeze1

More information about the Secure-testing-commits mailing list