[Secure-testing-commits] r31550 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jan 20 16:16:23 UTC 2015


Author: jmm
Date: 2015-01-20 16:16:22 +0000 (Tue, 20 Jan 2015)
New Revision: 31550

Modified:
   data/CVE/list
Log:
libav bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-20 16:13:34 UTC (rev 31549)
+++ data/CVE/list	2015-01-20 16:16:22 UTC (rev 31550)
@@ -277,14 +277,14 @@
 CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ...)
 	- ffmpeg 7:2.5.1-1
 	[squeeze] - ffmpeg <end-of-life>
-	- libav <unfixed>
+	- libav <unfixed> (bug #775593)
 	NOTE: Applies to 0.8, but in different file (utvideo.c)
 	NOTE: libav: needed
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
 CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before ...)
 	- ffmpeg 7:2.5.1-1
 	[squeeze] - ffmpeg <end-of-life>
-	- libav <unfixed>
+	- libav <unfixed> (bug #775593)
 	NOTE: Applies to 0.8, but in different file (vmdav.c)
 	NOTE: libav: needed
 	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd
@@ -2118,8 +2118,8 @@
 	- gcab 0.4-2 (bug #774580)
 CVE-2015-XXXX [use after free in seg_write_packet()]
 	- ffmpeg <not-affected> (Vulnerable code not present in a ffmpeg version in the archive)
-	- libav <unfixed>
-	NOTE: Patch in http://www.openwall.com/lists/oss-security/2015/01/04/10 seem to apply for libav
+	- libav <unfixed> (bug #775593)
+ 	NOTE: Patch in http://www.openwall.com/lists/oss-security/2015/01/04/10 seem to apply for libav
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=169065fbfb3da1ab776379c333aebc54bb1f1bc4
 	NOTE: CVE Request: https://marc.info/?l=oss-security&m=142034472712971&w=2
 CVE-2015-XXXX [Zoo directory traversal]




More information about the Secure-testing-commits mailing list