[Secure-testing-commits] r31528 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jan 19 07:21:55 UTC 2015
Author: jmm
Date: 2015-01-19 07:21:55 +0000 (Mon, 19 Jan 2015)
New Revision: 31528
Modified:
data/CVE/list
Log:
new ffmpeg/libav issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-19 07:02:13 UTC (rev 31527)
+++ data/CVE/list 2015-01-19 07:21:55 UTC (rev 31528)
@@ -254,11 +254,23 @@
CVE-2014-9605
RESERVED
CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ...)
- TODO: check
+ - ffmpeg 7:2.5.1-1
+ [squeeze] - ffmpeg <end-of-life>
+ - libav <unfixed>
+ NOTE: Applies to 0.8, but in different file (utvideo.c)
+ NOTE: libav: needed
+ NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before ...)
- TODO: check
+ - ffmpeg 7:2.5.1-1
+ [squeeze] - ffmpeg <end-of-life>
+ - libav <unfixed>
+ NOTE: Applies to 0.8, but in different file (vmdav.c)
+ NOTE: libav: needed
+ NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd
CVE-2014-9602 (libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits ...)
- TODO: check
+ - ffmpeg 7:2.5.1-1
+ [squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
+ - libav <not-affected> (Vulnerable code not present)
CVE-2014-9601 (Pillow before 2.7.0 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
More information about the Secure-testing-commits
mailing list