[Secure-testing-commits] r44505 - in data: CVE DSA
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Sep 11 16:42:37 UTC 2016
Author: jmm
Date: 2016-09-11 16:42:33 +0000 (Sun, 11 Sep 2016)
New Revision: 44505
Modified:
data/CVE/list
data/DSA/list
Log:
updates for libav/ffmpeg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-11 16:13:52 UTC (rev 44504)
+++ data/CVE/list 2016-09-11 16:42:33 UTC (rev 44505)
@@ -1,9 +1,9 @@
CVE-2016-7393 [stack-based buffer overflow in aac_sync (aac_parser.c)]
- - ffmpeg <undetermined>
+ {DSA-3506-1}
+ - ffmpeg 7:2.4-1
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/08/20/libav-stack-based-buffer-overflow-in-aac_sync-aac_parser-c/
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=fb1473080223a634b8ac2cca48a632d037a0a69d
- TODO: check
CVE-2016-7392 [heap-based buffer overflow in pstoedit_suffix_table_init (output-pstoedit.c)]
- autotrace <unfixed>
NOTE: https://blogs.gentoo.org/ago/2016/09/10/autotrace-heap-based-buffer-overflow-in-pstoedit_suffix_table_init-output-pstoedit-c/
@@ -829,8 +829,8 @@
RESERVED
CVE-2016-6920 [exr file Heap Overflow]
RESERVED
- - ffmpeg <unfixed>
- TODO: check
+ - ffmpeg 7:3.1.3-1
+ - libav <undetermined>
CVE-2016-6919
RESERVED
CVE-2016-6918
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-09-11 16:13:52 UTC (rev 44504)
+++ data/DSA/list 2016-09-11 16:42:33 UTC (rev 44505)
@@ -512,7 +512,7 @@
{CVE-2015-8126 CVE-2016-1630 CVE-2016-1631 CVE-2016-1632 CVE-2016-1633 CVE-2016-1634 CVE-2016-1635 CVE-2016-1636 CVE-2016-1637 CVE-2016-1638 CVE-2016-1639 CVE-2016-1640 CVE-2016-1641 CVE-2016-1642 CVE-2016-2845 CVE-2016-2844 CVE-2016-2843}
[jessie] - chromium-browser 49.0.2623.75-1~deb8u1
[04 Mar 2016] DSA-3506-1 libav - security update
- {CVE-2016-1897 CVE-2016-1898 CVE-2016-2326}
+ {CVE-2016-1897 CVE-2016-1898 CVE-2016-2326 CVE-2016-7393}
[wheezy] - libav 6:0.8.17-2
[jessie] - libav 6:11.6-1~deb8u1
[04 Mar 2016] DSA-3505-1 wireshark - security update
More information about the Secure-testing-commits
mailing list