[Secure-testing-commits] r52375 - data/CVE
Hugo Lefeuvre
hle at moszumanska.debian.org
Wed Jun 7 08:51:48 UTC 2017
Author: hle
Date: 2017-06-07 08:51:48 +0000 (Wed, 07 Jun 2017)
New Revision: 52375
Modified:
data/CVE/list
Log:
CVE-2017-9051: libav 0.8.* and 11.* branches not vulnerable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-07 06:56:37 UTC (rev 52374)
+++ data/CVE/list 2017-06-07 08:51:48 UTC (rev 52375)
@@ -1328,7 +1328,8 @@
CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due to ...)
- libav <removed> (low)
- ffmpeg 7:2.6.1-1 (low)
- [jessie] - libav <no-dsa> (Minor issue)
+ [wheezy] - libav <not-affected> (Tested with the original reproducer, 0.8 branch not vulnerable)
+ [jessie] - libav <not-affected> (Tested with the original reproducer, 11 branch not vulnerable)
NOTE: Fix in libav: https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24.patch
NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/8d7ce5cdb707d4b22749f72d3f118e62e2b95cd3
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1039
More information about the Secure-testing-commits
mailing list