[Secure-testing-commits] r48869 - data/CVE
Emilio Pozuelo Monfort
pochu at moszumanska.debian.org
Sun Feb 12 22:52:40 UTC 2017
Author: pochu
Date: 2017-02-12 22:52:39 +0000 (Sun, 12 Feb 2017)
New Revision: 48869
Modified:
data/CVE/list
Log:
triage gstreamer vulnerabilities for 0.10 series
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-12 22:51:53 UTC (rev 48868)
+++ data/CVE/list 2017-02-12 22:52:39 UTC (rev 48869)
@@ -698,72 +698,72 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in ...)
- gst-plugins-bad1.0 <unfixed> (low)
- - gst-plugins-bad0.10 <undetermined>
+ - gst-plugins-bad0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777957
CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in ...)
- gst-plugins-ugly1.0 <unfixed> (low)
- - gst-plugins-ugly0.10 <undetermined>
+ - gst-plugins-ugly0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in ...)
- gst-plugins-ugly1.0 1.10.3-1 (low)
- - gst-plugins-ugly0.10 <undetermined>
+ - gst-plugins-ugly0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
- - gst-plugins-good0.10 <undetermined>
+ - gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
CVE-2017-5844 (The gst_riff_create_audio_caps function in ...)
- gst-plugins-base1.0 1.10.3-1 (low)
- - gst-plugins-base0.10 <undetermined>
+ - gst-plugins-base0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
CVE-2017-5843 (Multiple use-after-free vulnerabilities in the (1) ...)
- gst-plugins-bad1.0 1.10.3-1
- - gst-plugins-bad0.10 <undetermined>
+ - gst-plugins-bad0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777503
CVE-2017-5842 (The html_context_handle_element function in gst/subparse/samiparse.c ...)
- gst-plugins-base1.0 1.10.3-1
- - gst-plugins-base0.10 <undetermined>
+ - gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
- - gst-plugins-good0.10 <undetermined>
+ - gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
- - gst-plugins-good0.10 <undetermined>
+ - gst-plugins-good0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777469
CVE-2017-5839 (The gst_riff_create_audio_caps function in ...)
- gst-plugins-base1.0 1.10.3-1
- - gst-plugins-base0.10 <undetermined>
+ - gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777265
CVE-2017-5838 (The gst_date_time_new_from_iso8601_string function in ...)
- gstreamer1.0 1.10.3-1 (low)
- - gstreamer0.10 <undetermined>
+ - gstreamer0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777263
CVE-2017-5837 (The gst_riff_create_audio_caps function in ...)
- gst-plugins-base1.0 1.10.3-1 (low)
- - gst-plugins-base0.10 <undetermined>
+ - gst-plugins-base0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
- - gst-plugins-good0.10 <undetermined>
+ - gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
- - gst-plugins-good0.10 <undetermined>
+ - gst-plugins-good0.10 <unfixed> (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775450
CVE-2016-XXXX [iio-sensor-proxy: insecure dbus policy]
More information about the Secure-testing-commits
mailing list