[Secure-testing-commits] r29123 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Sep 28 09:18:21 UTC 2014 

Author: carnil
Date: 2014-09-28 09:18:21 +0000 (Sun, 28 Sep 2014)
New Revision: 29123

Modified:
   data/CVE/list
Log:
Four more CVEs from the 1.1.2 release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-28 09:15:12 UTC (rev 29122)
+++ data/CVE/list	2014-09-28 09:18:21 UTC (rev 29123)
@@ -35142,7 +35142,7 @@
 	- ffmpeg <not-affected> (No threading support in vp3 from ffmpeg 0.5)
 	- libav <not-affected> (Vulnerable code added in ffmpeg post-merge)
 CVE-2013-0869 (The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:0.8.5-1
 	NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=706acb558a38eba633056773280155d66c2f4b24
@@ -35150,13 +35150,13 @@
 	NOTE: Fix needed in ffmpeg 0.5
 CVE-2013-0868 (libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers ...)
 	{DSA-3003-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:10.3-1
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
 CVE-2013-0867 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav <not-affected> (Code in libav is different/not affect as per libav h264 maintainer)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
@@ -35168,7 +35168,7 @@
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a943a132f36f4df8fe2f749744677b71984abce7
 CVE-2013-0865 (The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg ...)
 	{DSA-2855-1}
-	- ffmpeg <unfixed>
+	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:9.8-1 (bug #717009)
 	NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=f7d18deb73d1dd1b27b2c7062c9a10d168a6c62a

More information about the Secure-testing-commits mailing list