[Secure-testing-commits] r49843 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 20 12:56:38 UTC 2017
Author: jmm
Date: 2017-03-20 12:56:38 +0000 (Mon, 20 Mar 2017)
New Revision: 49843
Modified:
data/CVE/list
Log:
gstreamer
saned no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-20 10:25:09 UTC (rev 49842)
+++ data/CVE/list 2017-03-20 12:56:38 UTC (rev 49843)
@@ -2181,7 +2181,8 @@
NOTE: https://github.com/radare/radare2/commit/ad55822430a03fe075221b543efb434567e9e431
CVE-2017-6318 [saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server]
RESERVED
- - sane-backends <unfixed> (bug #854804)
+ - sane-backends <unfixed> (low; bug #854804)
+ [jessie] - sane-backends <no-dsa> (Minor issue)
CVE-2017-6316
RESERVED
CVE-2017-6315
@@ -3788,6 +3789,7 @@
CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in ...)
{DLA-829-1}
- gst-plugins-ugly1.0 1.10.4-1 (low)
+ [jessie] - gst-plugins-ugly1.0 <no-dsa> (Minor issue)
- gst-plugins-ugly0.10 <unfixed> (low)
[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -3796,19 +3798,23 @@
CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in ...)
{DLA-829-1}
- gst-plugins-ugly1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-ugly1.0 <no-dsa> (Minor issue)
- gst-plugins-ugly0.10 <unfixed> (low)
[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
CVE-2017-5844 (The gst_riff_create_audio_caps function in ...)
{DLA-827-1}
- gst-plugins-base1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-base1.0 <no-dsa> (Minor issue)
- gst-plugins-base0.10 <unfixed> (low)
+ [jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
CVE-2017-5843 (Multiple use-after-free vulnerabilities in the (1) ...)
@@ -3825,12 +3831,14 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in ...)
{DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
- gst-plugins-good0.10 <unfixed> (low)
[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -3854,12 +3862,14 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in ...)
- gst-plugins-good1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in ...)
{DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
+ [jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
- gst-plugins-good0.10 <unfixed> (low)
[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
More information about the Secure-testing-commits
mailing list