[Git][security-tracker-team/security-tracker][master] postpone two ffmpeg issues until next 3.2.x release
Moritz Muehlenhoff
jmm at debian.org
Tue Apr 24 18:05:12 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b4ecaa37 by Moritz Muehlenhoff at 2018-04-24T19:04:43+02:00
postpone two ffmpeg issues until next 3.2.x release
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6062,8 +6062,9 @@ CVE-2018-7754
RESERVED
CVE-2018-7751 (The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 ...)
- ffmpeg <unfixed>
+ [stretch] - ffmpeg <postponed> (Wait for next 3.2.x release)
+ - libav <not-affected> (Vulnerable code not present)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/a6cba062051f345e8ebfdff34aba071ed73d923f
- TODO: check libav
CVE-2018-7750 (transport.py in the SSH server implementation of Paramiko before ...)
- paramiko <unfixed> (bug #892859)
[stretch] - paramiko <no-dsa> (Minor issue)
@@ -6762,6 +6763,7 @@ CVE-2018-7558
RESERVED
CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
- ffmpeg <unfixed>
+ [stretch] - ffmpeg <postponed> (Wait for next 3.2.x release)
- libav <removed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96
CVE-2018-7556 (LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4ecaa373b217122340c105d7cd8b7249f2b06d8
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4ecaa373b217122340c105d7cd8b7249f2b06d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180424/8c620426/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list