[Secure-testing-commits] r29108 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 27 12:22:53 UTC 2014 

Author: carnil
Date: 2014-09-27 12:22:53 +0000 (Sat, 27 Sep 2014)
New Revision: 29108

Modified:
   data/CVE/list
Log:
Add some fixed version from the 2.1 release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-27 12:13:23 UTC (rev 29107)
+++ data/CVE/list	2014-09-27 12:22:53 UTC (rev 29108)
@@ -17439,7 +17439,7 @@
 	NOTE: https://trac.ffmpeg.org/ticket/2905
 CVE-2013-7020 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
 	{DSA-3027-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:10.4-1
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
@@ -17468,7 +17468,7 @@
 	NOTE: Only present in libav trunk
 CVE-2013-7015 (The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg ...)
 	{DSA-2855-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:9.11-1
 	NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/880c73cd76109697447fbfbaa8e5ee5683309446
@@ -17494,20 +17494,20 @@
 	NOTE: https://trac.ffmpeg.org/ticket/3080
 	NOTE: Only present in libav trunk
 CVE-2013-7011 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav <not-affected> (Reproducer fails on libav 0.8.9 and 9.11)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
 	NOTE: https://trac.ffmpeg.org/ticket/2906
 CVE-2013-7010 (Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg ...)
 	{DSA-2855-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:9.11-1
 	NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
 	NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=d1916d13e28b87f4b1b214231149e12e1d536b4b
 CVE-2013-7009 (The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav <not-affected> (Not reproducible with 0.8.9)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/3819db745da2ac7fb3faacb116788c32f4753f34

More information about the Secure-testing-commits mailing list