[Secure-testing-commits] r50640 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 14 05:34:05 UTC 2017
Author: carnil
Date: 2017-04-14 05:34:05 +0000 (Fri, 14 Apr 2017)
New Revision: 50640
Modified:
data/CVE/list
Log:
Correct version for rtmpdump wich really contains the fixes
The fixes were aimed to be in 2.4+20151223.gitfa8646d-1 and this is the
case in the packaging repository of rtmpdump, but the orig tarball was
missed to import resulting in a followup update later which reimports
the upstream snapshot *and* including the fixes as well for the
resulting upload in Debian.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-14 05:19:44 UTC (rev 50639)
+++ data/CVE/list 2017-04-14 05:34:05 UTC (rev 50640)
@@ -52762,18 +52762,27 @@
CVE-2015-8273
RESERVED
CVE-2015-8272 (RTMPDump 2.4 allows remote attackers to trigger a denial of service ...)
- - rtmpdump 2.4+20151223.gitfa8646d-1
+ - rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/4312322107a94c81d3ec5b98f91bc6b923551dc5
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0068/
+ NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
+ NOTE: to missing upstream source import the fixes are really only present in
+ NOTE: 2.4+20151223.gitfa8646d.1-1
CVE-2015-8271 (The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote ...)
- - rtmpdump 2.4+20151223.gitfa8646d-1
+ - rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0067/
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/39ec7eda489717d503bc4cbfaa591c93205695b6
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/530f9bb2a02a78c1198fb2bf0293a12d225e4691
+ NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
+ NOTE: to missing upstream source import the fixes are really only present in
+ NOTE: 2.4+20151223.gitfa8646d.1-1
CVE-2015-8270 (The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote ...)
- - rtmpdump 2.4+20151223.gitfa8646d-1
+ - rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0066/
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/10b580aabcec1621b25518271ba1ab2b018be88e
+ NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
+ NOTE: to missing upstream source import the fixes are really only present in
+ NOTE: 2.4+20151223.gitfa8646d.1-1
CVE-2015-8269 (The API on Fisher-Price Smart Toy Bear devices allows remote attackers ...)
NOT-FOR-US: Fisher-Price
CVE-2015-8268 (The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 ...)
More information about the Secure-testing-commits
mailing list