[Secure-testing-commits] r29125 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 28 09:34:18 UTC 2014
Author: carnil
Date: 2014-09-28 09:34:17 +0000 (Sun, 28 Sep 2014)
New Revision: 29125
Modified:
data/CVE/list
Log:
More updates for ffmpeg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-28 09:19:50 UTC (rev 29124)
+++ data/CVE/list 2014-09-28 09:34:17 UTC (rev 29125)
@@ -47422,7 +47422,7 @@
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
NOTE: duplicate of CVE-2012-2777
CVE-2012-2783 (Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, ...)
{DSA-2624-1}
@@ -52037,7 +52037,7 @@
CVE-2012-0947 (Heap-based buffer overflow in the vqa_decode_chunk function in the VQA ...)
{DSA-2471-1}
- libav 6:0.8.2-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access ...)
@@ -52267,7 +52267,7 @@
CVE-2012-0859 (The render_line function in the vorbis codec (vorbis.c) in libavcodec ...)
{DSA-2471-1}
- libav 6:0.8.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before ...)
{DSA-2624-1}
@@ -52288,15 +52288,15 @@
CVE-2012-0853 (The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2012-0852 (The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2012-0851 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in ...)
{DSA-2494-1}
- libav 6:0.8.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
CVE-2012-0850 (The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before ...)
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
@@ -55824,7 +55824,7 @@
CVE-2011-4579 (The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4931c8f0f10bf8dedcf626104a6b85bfefadc6f2
CVE-2011-4578 (event.c in acpid (aka acpid2) before 2.0.11 does not have an ...)
@@ -56382,7 +56382,7 @@
CVE-2011-4364 (Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.usenix.org/events/woot11/tech/final_files/Yamaguchi.pdf
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=494cfacdb9ba3f0549e37f76b3a2f86a7aeeac3c
@@ -56424,7 +56424,7 @@
CVE-2011-4353 (The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=67a7ed6
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=c76505e
@@ -56439,7 +56439,7 @@
CVE-2011-4351 (Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=a31ccacb1a9b2abc0e140a812fb0ffca6f7c2591
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=0d93d5c4614fafea74bdac681673f5b32eb49063
@@ -57769,12 +57769,12 @@
CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
CVE-2011-3973 (cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
CVE-2011-3972 (The shader translator implementation in Google Chrome before ...)
- chromium-browser 17.0.963.56~r121963-1
@@ -58036,7 +58036,7 @@
- chromium-browser 15.0.874.121~r109964-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (Chrome issue)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- libav 4:0.8~beta2-1 (bug #654534; bug #654573)
CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
- chromium-browser 15.0.874.121~r109964-1
@@ -58047,7 +58047,7 @@
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- libav 4:0.8~beta2-1 (bug #654534; bug #654572)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
[squeeze] - chromium-browser <not-affected>
NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106599
@@ -58058,7 +58058,7 @@
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
- libav 4:0.8~beta2-1 (bug #654534; bug #654571)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
- chromium-browser 15.0.874.106~r107270-1
@@ -59188,7 +59188,7 @@
CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly ...)
{DSA-2336-1}
- libav 4:0.7.2-1 (bug #643859)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and ...)
NOT-FOR-US: eSignal
@@ -59594,7 +59594,7 @@
CVE-2011-3362 (Integer signedness error in the decode_residual_block function in ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- - ffmpeg <removed>
+ - ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.ocert.org/advisories/ocert-2011-002.html
CVE-2011-3361 (Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC ...)
@@ -63186,18 +63186,18 @@
CVE-2011-2162 (Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- - ffmpeg <removed>
+ - ffmpeg <unfixed>
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-1198
CVE-2011-2161 (The ape_read_header function in ape.c in libavformat in FFmpeg before ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- - ffmpeg <removed>
+ - ffmpeg <unfixed>
- ffmpeg-debian <end-of-life>
CVE-2011-2160 (The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- - ffmpeg <removed>
+ - ffmpeg <unfixed>
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-0723
CVE-2011-2159 (The SmarterTools SmarterStats 6.0 web server omits the Content-Type ...)
More information about the Secure-testing-commits
mailing list