[Secure-testing-commits] r29112 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 27 12:40:26 UTC 2014
Author: carnil
Date: 2014-09-27 12:40:26 +0000 (Sat, 27 Sep 2014)
New Revision: 29112
Modified:
data/CVE/list
Log:
Add more fixed versions for ffmpeg from the 0.10 release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-27 12:37:48 UTC (rev 29111)
+++ data/CVE/list 2014-09-27 12:40:26 UTC (rev 29112)
@@ -57783,11 +57783,11 @@
CVE-2011-3952 (The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3951 (The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3950 (The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg ...)
- libav <not-affected> (Specific to newer ffmpeg after split)
- ffmpeg <not-affected> (Specific to newer ffmpeg after split)
@@ -57799,11 +57799,11 @@
CVE-2011-3947 (Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3946 (The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg ...)
{DSA-3003-1}
- libav 6:10.3-1 (unimportant)
- - ffmpeg <removed> (unimportant)
+ - ffmpeg 7:2.4.1-1 (unimportant)
NOTE: Not suitable for code injection, not treated as security issue
CVE-2011-3945 (The decode_frame function in the KVG1 decoder (kgv1dec.c) in ...)
- libav 4:0.8.1-1
@@ -57811,7 +57811,7 @@
CVE-2011-3944 (The smacker_decode_header_tree function in libavcodec/smacker.c in ...)
{DSA-2855-1}
- libav 6:9.10-1
- - ffmpeg <unfixed>
+ - ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commitdiff;h=0679cec6e8802643bbe6d5f68ca1110a7d3171da
CVE-2011-3943
@@ -57820,13 +57820,13 @@
RESERVED
CVE-2011-3941 (The decode_mb function in libavcodec/error_resilience.c in FFmpeg ...)
- libav 4:0.8.1-1
- - ffmpeg <unfixed>
+ - ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6193ff68549ecbaf1a4d63a0e06964ec580ac620
CVE-2011-3940 (nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3939
RESERVED
CVE-2011-3938
@@ -57837,7 +57837,7 @@
CVE-2011-3936 (The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3935 (The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ...)
{DSA-3003-1}
- libav 6:10-1
@@ -57846,7 +57846,7 @@
CVE-2011-3934 (Double free vulnerability in the vp3_update_thread_context function in ...)
{DSA-3003-1}
- libav 6:10-1 (unimportant)
- - ffmpeg <removed> (unimportant)
+ - ffmpeg 7:2.4.1-1 (unimportant)
NOTE: Fixed in libav trunk: http://git.libav.org/?p=libav.git;a=commit;h=759001c534287a96dc96d1e274665feb7059145d
NOTE: only a crasher
CVE-2011-3933
@@ -57860,7 +57860,7 @@
CVE-2011-3929 (The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
More information about the Secure-testing-commits
mailing list