[Secure-testing-commits] r58039 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 26 20:38:31 UTC 2017
Author: carnil
Date: 2017-11-26 20:38:31 +0000 (Sun, 26 Nov 2017)
New Revision: 58039
Modified:
data/CVE/list
Log:
Add original commit for CVE-2017-16803
Causes a bit of confusion. The check is indeed in place in ffmpeg, and
the original commit is b829da363985cb2f80130bba304cc29a632f6446 and
adressed much earlier. It's not clear to me if the issue has been
reintroduced and then the fix reapplied, but in ffmpeg up to unstable
the previous added check is still in place.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-26 20:16:30 UTC (rev 58038)
+++ data/CVE/list 2017-11-26 20:38:31 UTC (rev 58039)
@@ -815,7 +815,8 @@
- ffmpeg 7:2.2.1-1
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1098
NOTE: https://github.com/libav/libav/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
- NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
+ NOTE: ffmpeg: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
+ NOTE: ffmpeg originally fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/b829da363985cb2f80130bba304cc29a632f6446
CVE-2017-16802 (In the sharingGroupPopulateOrganisations function in ...)
NOT-FOR-US: MISP
CVE-2017-16804 (In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function ...)
More information about the Secure-testing-commits
mailing list