[Secure-testing-commits] r42565 - data/CVE
Ola Lundqvist
opal at moszumanska.debian.org
Thu Jun 16 10:32:38 UTC 2016
Author: opal
Date: 2016-06-16 10:32:38 +0000 (Thu, 16 Jun 2016)
New Revision: 42565
Modified:
data/CVE/list
Log:
Security tracker updated with findings from Diego Biurrun. CVE-2015-8217 and CVE-2015-8363 do not apply to Libav 0.8 because the affected decoders are not present in that release.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-16 07:35:40 UTC (rev 42564)
+++ data/CVE/list 2016-06-16 10:32:38 UTC (rev 42565)
@@ -17342,6 +17342,7 @@
CVE-2015-8363 (The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in ...)
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
+ [wheezy] - libav <not-affected> (Vulnerable code not present)
- libav <undetermined>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
CVE-2015-8362 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices ...)
@@ -17799,6 +17800,7 @@
CVE-2015-8217 (The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg ...)
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
+ [wheezy] - libav <not-affected> (Vulnerable code not present)
- libav <undetermined>
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=93f30f825c08477fe8f76be00539e96014cc83c8
CVE-2015-8216 (The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg ...)
More information about the Secure-testing-commits
mailing list