[Secure-testing-commits] r58495 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Dec 12 20:02:00 UTC 2017


Author: carnil
Date: 2017-12-12 20:01:59 +0000 (Tue, 12 Dec 2017)
New Revision: 58495

Modified:
   data/CVE/list
Log:
Add CVE-2017-17555/ffmpeg

Issue lies in libswresample.so.2, coming from src:ffmpeg

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-12 19:33:18 UTC (rev 58494)
+++ data/CVE/list	2017-12-12 20:01:59 UTC (rev 58495)
@@ -18,7 +18,8 @@
 CVE-2017-17556
 	RESERVED
 CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg ...)
-	TODO: check
+	- ffmpeg <unfixed>
+	NOTE: https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md
 CVE-2017-17554 (A NULL pointer dereference (DoS) Vulnerability was found in the ...)
 	- aubio <unfixed> (low)
 CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing ...)




More information about the Secure-testing-commits mailing list