[Secure-testing-commits] r49843 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Mar 20 12:56:38 UTC 2017


Author: jmm
Date: 2017-03-20 12:56:38 +0000 (Mon, 20 Mar 2017)
New Revision: 49843

Modified:
   data/CVE/list
Log:
gstreamer
saned no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-20 10:25:09 UTC (rev 49842)
+++ data/CVE/list	2017-03-20 12:56:38 UTC (rev 49843)
@@ -2181,7 +2181,8 @@
 	NOTE: https://github.com/radare/radare2/commit/ad55822430a03fe075221b543efb434567e9e431
 CVE-2017-6318 [saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server]
 	RESERVED
-	- sane-backends <unfixed> (bug #854804)
+	- sane-backends <unfixed> (low; bug #854804)
+	[jessie] - sane-backends <no-dsa> (Minor issue)
 CVE-2017-6316
 	RESERVED
 CVE-2017-6315
@@ -3788,6 +3789,7 @@
 CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in ...)
 	{DLA-829-1}
 	- gst-plugins-ugly1.0 1.10.4-1 (low)
+	[jessie] - gst-plugins-ugly1.0 <no-dsa> (Minor issue)
 	- gst-plugins-ugly0.10 <unfixed> (low)
 	[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -3796,19 +3798,23 @@
 CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in ...)
 	{DLA-829-1}
 	- gst-plugins-ugly1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-ugly1.0 <no-dsa> (Minor issue)
 	- gst-plugins-ugly0.10 <unfixed> (low)
 	[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
 CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
 	- gst-plugins-good1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
 	- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
 CVE-2017-5844 (The gst_riff_create_audio_caps function in ...)
 	{DLA-827-1}
 	- gst-plugins-base1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-base1.0 <no-dsa> (Minor issue)
 	- gst-plugins-base0.10 <unfixed> (low)
+	[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
 CVE-2017-5843 (Multiple use-after-free vulnerabilities in the (1) ...)
@@ -3825,12 +3831,14 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
 CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in ...)
 	- gst-plugins-good1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
 	- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
 CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in ...)
 	{DLA-828-1}
 	- gst-plugins-good1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
 	- gst-plugins-good0.10 <unfixed> (low)
 	[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
@@ -3854,12 +3862,14 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
 CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in ...)
 	- gst-plugins-good1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
 	- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
 CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in ...)
 	{DLA-828-1}
 	- gst-plugins-good1.0 1.10.3-1 (low)
+	[jessie] - gst-plugins-good1.0 <no-dsa> (Minor issue)
 	- gst-plugins-good0.10 <unfixed> (low)
 	[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7




More information about the Secure-testing-commits mailing list