[Secure-testing-commits] r31457 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Jan 17 22:04:01 UTC 2015


Author: jmm
Date: 2015-01-17 22:04:01 +0000 (Sat, 17 Jan 2015)
New Revision: 31457

Modified:
   data/CVE/list
Log:
update/drop some notes


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-17 21:57:02 UTC (rev 31456)
+++ data/CVE/list	2015-01-17 22:04:01 UTC (rev 31457)
@@ -5359,21 +5359,20 @@
 	[wheezy] - libav <not-affected> (Vulnerable code not present)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=550f3e9df3410b3dd975e590042c0d83e20a8da3
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=cee4490b521fd0d02476d46aa2598af24fb8d686
-	NOTE: Pending for 11.2
 CVE-2014-8548 (Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows ...)
 	- ffmpeg 7:2.4.3-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:11.2-1 (bug #773626)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c727401aa9d62335e89d118a5b4e202edf39d905
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=d423dd72be451462c6fb1cbbe313bed0194001ab
-	NOTE: Pending for 11.2 and 0.8.17
+	NOTE: Pending 0.8.17
 CVE-2014-8547 (libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute ...)
 	- ffmpeg 7:2.4.3-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:11.2-1 (bug #773626)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f1457864be8fb9653643519dea1c6492f1dde57
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0b39ac6f54505a538c21fe49a626de94c518c903
-	NOTE: Pending for 11.2 and 0.8.17
+	NOTE: Pending 0.8.17
 CVE-2014-8546 (Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 ...)
 	- ffmpeg 7:2.4.3-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -5395,7 +5394,7 @@
 	- libav 6:11.2-1 (bug #773626)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=17ba719d9ba30c970f65747f42d5fbb1e447ca28
-	NOTE: Pending for 11.2 and 0.8.17
+	NOTE: Pending for 0.8.17
 CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID ...)
 	- ffmpeg 7:2.4.3-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -5403,7 +5402,6 @@
 	[wheezy] - libav <not-affected> (Vulnerable code not present)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=105654e376a736d243aef4a1d121abebce912e6b
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=88626e5af8d006e67189bf10b96b982502a7e8ad
-	NOTE: Pending for 11.2 and 0.8.17
 CVE-2014-8541 (libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension ...)
 	- ffmpeg 7:2.4.3-1
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -5411,7 +5409,6 @@
 	[wheezy] - libav <not-affected> (Vulnerable code not present)
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5c378d6a6df8243f06c87962b873bd563e58cd39
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=809c3023b699c54c90511913d3b6140dd2436550
-	NOTE: Pending for 11.2
 CVE-2014-8539 (Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 ...)
 	NOT-FOR-US: Simple Email
 CVE-2013-7409 (Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote ...)




More information about the Secure-testing-commits mailing list