[Secure-testing-commits] r51714 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu May 18 09:39:21 UTC 2017
Author: jmm
Date: 2017-05-18 09:39:21 +0000 (Thu, 18 May 2017)
New Revision: 51714
Modified:
data/CVE/list
Log:
new libav issue, ffmpeg already fixed in 2015
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-18 09:15:52 UTC (rev 51713)
+++ data/CVE/list 2017-05-18 09:39:21 UTC (rev 51714)
@@ -13,7 +13,12 @@
CVE-2017-9052 (An issue, also known as DW201703-006, was discovered in libdwarf ...)
TODO: check
CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due to ...)
- TODO: check
+ - libav <removed> (low)
+ - ffmpeg 7:2.6.1-1 (low)
+ [jessie] - libav <no-dsa> (Minor issue)
+ NOTE: Fix in libav: https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24.patch
+ NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/8d7ce5cdb707d4b22749f72d3f118e62e2b95cd3
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1039
CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
TODO: check
CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
More information about the Secure-testing-commits
mailing list