[Secure-testing-commits] r43227 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jul 15 20:25:00 UTC 2016 

Author: carnil
Date: 2016-07-15 20:25:00 +0000 (Fri, 15 Jul 2016)
New Revision: 43227

Modified:
   data/CVE/list
Log:
Workaround some ffmpeg entries to cleanup ffmpeg from "Latently vulnerable packages in unstable"-view

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-15 18:47:13 UTC (rev 43226)
+++ data/CVE/list	2016-07-15 20:25:00 UTC (rev 43227)
@@ -99948,13 +99948,11 @@
 	- ffmpeg 7:2.4.1-1
 	[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
 CVE-2012-2800 (Unspecified vulnerability in the ff_ivi_process_empty_tile function in ...)
-	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2799 (Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg ...)
 	- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
 	- ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2012-2798 (Unspecified vulnerability in the decode_dds1 function in ...)
-	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2797 (Unspecified vulnerability in the decode_frame_mp3on4 function in ...)
 	- ffmpeg 7:2.4.1-1
@@ -99977,7 +99975,6 @@
 	- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
 	- ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2012-2791 (Multiple unspecified vulnerabilities in the (1) decode_band_hdr ...)
-	[squeeze] - ffmpeg <not-affected> (bug #688849)
 	- libav 6:0.8.5-1 (bug #688847)
 CVE-2012-2790 (Unspecified vulnerability in the read_var_block_data function in ...)
 	- ffmpeg <not-affected> (bug #688849)
@@ -104869,6 +104866,7 @@
 CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before ...)
 	{DSA-2624-1}
 	- libav 4:0.8.1-1
+	- ffmpeg 7:2.2.1-1
 	[squeeze] - ffmpeg 4:0.5.9-1
 CVE-2012-0857 (Multiple buffer overflows in the get_qcx function in the J2K decoder ...)
 	- libav <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list