[Secure-testing-commits] r51300 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed May 3 07:56:16 UTC 2017
Author: jmm
Date: 2017-05-03 07:56:16 +0000 (Wed, 03 May 2017)
New Revision: 51300
Modified:
data/CVE/list
Log:
five chromium issues in mp4 parsing are not in ffmpeg, but custom chromium code
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-03 06:21:39 UTC (rev 51299)
+++ data/CVE/list 2017-05-03 07:56:16 UTC (rev 51300)
@@ -10379,35 +10379,25 @@
- chromium-browser 57.0.2987.133-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-5051 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
- - ffmpeg <unfixed>
- - chromium-browser 44.0.2403.157-1
- [jessie] - chromium-browser <unfixed>
+ - chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy
+ NOTE: https://codereview.chromium.org/2654913002
CVE-2017-5050 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
- - ffmpeg <unfixed>
- - chromium-browser 44.0.2403.157-1
- [jessie] - chromium-browser <unfixed>
+ - chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy
+ NOTE: https://codereview.chromium.org/2654913002
CVE-2017-5049 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
- - ffmpeg <unfixed>
- - chromium-browser 44.0.2403.157-1
- [jessie] - chromium-browser <unfixed>
+ - chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy
+ NOTE: https://codereview.chromium.org/2654913002
CVE-2017-5048 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
- - ffmpeg <unfixed>
- - chromium-browser 44.0.2403.157-1
- [jessie] - chromium-browser <unfixed>
+ - chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy
+ NOTE: https://codereview.chromium.org/2654913002
CVE-2017-5047 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...)
- - ffmpeg <unfixed>
- - chromium-browser 44.0.2403.157-1
- [jessie] - chromium-browser <unfixed>
+ - chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy
+ NOTE: https://codereview.chromium.org/2654913002
CVE-2017-5046 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
More information about the Secure-testing-commits
mailing list