[Secure-testing-commits] r47096 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Dec 15 09:48:29 UTC 2016


Author: jmm
Date: 2016-12-15 09:48:29 +0000 (Thu, 15 Dec 2016)
New Revision: 47096

Modified:
   data/CVE/list
Log:
two gstreamer no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-15 09:46:02 UTC (rev 47095)
+++ data/CVE/list	2016-12-15 09:48:29 UTC (rev 47096)
@@ -8233,12 +8233,14 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/11/25/2
 CVE-2016-9813 [null pointer deref (segfault) in mpegts decoder / _parse_pat]
 	RESERVED
-	- gst-plugins-bad1.0 1.10.2-1
+	- gst-plugins-bad1.0 1.10.2-1 (low)
+	[jessie] - gst-plugins-bad1.0 <no-dsa> (Minor issue)
 	- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775120
 CVE-2016-9812 [2 byte heap out of bounds read in gst_mpegts_section_new]
 	RESERVED
-	- gst-plugins-bad1.0 1.10.2-1
+	- gst-plugins-bad1.0 1.10.2-1 (low)
+	[jessie] - gst-plugins-bad1.0 <no-dsa> (Minor issue)
 	- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775048
 CVE-2016-9811 [4 byte heap out of bounds read in windows_icon_typefind]




More information about the Secure-testing-commits mailing list