[Secure-testing-commits] r48520 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 29 12:53:17 UTC 2017
Author: carnil
Date: 2017-01-29 12:53:17 +0000 (Sun, 29 Jan 2017)
New Revision: 48520
Modified:
data/CVE/list
Log:
Update two CVE entries for libbpg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-29 11:39:43 UTC (rev 48519)
+++ data/CVE/list 2017-01-29 12:53:17 UTC (rev 48520)
@@ -16046,7 +16046,10 @@
CVE-2016-8711
RESERVED
CVE-2016-8710 (An exploitable heap write out of bounds vulnerability exists in the ...)
- TODO: check
+ - ffmpeg <undetermined>
+ NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg
+ NOTE: http://blog.talosintel.com/2017/01/vulnerability-spotlight-libbpg-image.html
+ NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0223/
CVE-2016-8709
RESERVED
CVE-2016-8708
@@ -26404,7 +26407,9 @@
CVE-2016-5638
RESERVED
CVE-2016-5637 (The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 ...)
- TODO: check
+ - ffmpeg <undetermined>
+ NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg
+ NOTE: https://www.kb.cert.org/vuls/id/123799
CVE-2016-1000003 (Mirror Manager version 0.7.2 and older is vulnerable to remote code ...)
TODO: check
CVE-2016-5727
More information about the Secure-testing-commits
mailing list