[Secure-testing-commits] r35595 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2015-07-20 21:12:11 +0000 (Mon, 20 Jul 2015)
New Revision: 35595

Modified:
   data/CVE/list
Log:
libvpx unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-20 21:10:13 UTC (rev 35594)
+++ data/CVE/list	2015-07-20 21:12:11 UTC (rev 35595)
@@ -12152,9 +12152,10 @@
 	- chromium-browser 43.0.2357.65-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-	- libvpx 1.4.0-4
+	- libvpx 1.4.0-4 (unimportant)
 	[wheezy] - libvpx <not-affected> (vp9 code introduced in 1.3.0)
 	[squeeze] - libvpx <not-affected> (vp9 code not present in 0.9.1)
+	NOTE: That's not a vulnerability in libvpx per se
 	NOTE: 1.4.0-4 adds the workaround to configure with --size-limit=16384x16384
 	NOTE: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c
 CVE-2015-1257 (platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation ...)