[Secure-testing-commits] r36108 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Aug 16 16:23:08 UTC 2015
Author: jmm
Date: 2015-08-16 16:23:08 +0000 (Sun, 16 Aug 2015)
New Revision: 36108
Modified:
data/CVE/list
Log:
netty, libav no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-16 15:27:57 UTC (rev 36107)
+++ data/CVE/list 2015-08-16 16:23:08 UTC (rev 36108)
@@ -1345,6 +1345,7 @@
[jessie] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
[wheezy] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
+ NOTE: Patch in libav: https://git.libav.org/?p=libav.git;a=commit;h=0a49a62f998747cfa564d98d36a459fe70d3299b
CVE-2015-5478
RESERVED
CVE-2015-5477 (named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 ...)
@@ -10729,7 +10730,10 @@
RESERVED
- netty3.1 <removed>
- netty <unfixed>
+ [wheezy] - netty <no-dsa> (Minor issue)
+ [jessie] - netty <no-dsa> (Minor issue)
- netty-3.9 <unfixed> (bug #793770)
+ [jessie] - netty-3.9 <no-dsa> (Minor issue)
- playframework <itp> (bug #646523)
NOTE: http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
@@ -11445,6 +11449,8 @@
- ffmpeg 7:2.5.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <unfixed>
+ [jessie] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
+ [wheezy] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037
CVE-2015-1871
RESERVED
More information about the Secure-testing-commits
mailing list