[Secure-testing-commits] r31550 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jan 20 16:16:23 UTC 2015
Author: jmm
Date: 2015-01-20 16:16:22 +0000 (Tue, 20 Jan 2015)
New Revision: 31550
Modified:
data/CVE/list
Log:
libav bugnums
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-20 16:13:34 UTC (rev 31549)
+++ data/CVE/list 2015-01-20 16:16:22 UTC (rev 31550)
@@ -277,14 +277,14 @@
CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ...)
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life>
- - libav <unfixed>
+ - libav <unfixed> (bug #775593)
NOTE: Applies to 0.8, but in different file (utvideo.c)
NOTE: libav: needed
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before ...)
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life>
- - libav <unfixed>
+ - libav <unfixed> (bug #775593)
NOTE: Applies to 0.8, but in different file (vmdav.c)
NOTE: libav: needed
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd
@@ -2118,8 +2118,8 @@
- gcab 0.4-2 (bug #774580)
CVE-2015-XXXX [use after free in seg_write_packet()]
- ffmpeg <not-affected> (Vulnerable code not present in a ffmpeg version in the archive)
- - libav <unfixed>
- NOTE: Patch in http://www.openwall.com/lists/oss-security/2015/01/04/10 seem to apply for libav
+ - libav <unfixed> (bug #775593)
+ NOTE: Patch in http://www.openwall.com/lists/oss-security/2015/01/04/10 seem to apply for libav
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=169065fbfb3da1ab776379c333aebc54bb1f1bc4
NOTE: CVE Request: https://marc.info/?l=oss-security&m=142034472712971&w=2
CVE-2015-XXXX [Zoo directory traversal]
More information about the Secure-testing-commits
mailing list