[Git][security-tracker-team/security-tracker][master] 14 commits: CVE-2017-9994,libav: Jessie is affected

Markus Koschany apo at debian.org
Wed Dec 12 21:57:32 GMT 2018


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
04e22df4 by Markus Koschany at 2018-12-12T21:56:42Z
CVE-2017-9994,libav: Jessie is affected

- - - - -
02231387 by Markus Koschany at 2018-12-12T21:56:43Z
CVE-2017-9993,libav: Jessie is partially affected.

Jessie is only partially affected. Only the second commit is relevant. HTTP
Live Streaming filename extension code is not present.

- - - - -
e6327bf1 by Markus Koschany at 2018-12-12T21:56:43Z
CVE-2017-9987,libav: Update NOTES.

- - - - -
9410026a by Markus Koschany at 2018-12-12T21:56:44Z
CVE-2017-7866,libav: Jessie is not affected.

The function decode_zbuf does not exist.

- - - - -
f76c97e2 by Markus Koschany at 2018-12-12T21:56:44Z
CVE-2017-7865,libav: Jessie is affected.

- - - - -
b53b3a79 by Markus Koschany at 2018-12-12T21:56:45Z
CVE-2017-15672,libav: Jessie is affected

- - - - -
d6db3d10 by Markus Koschany at 2018-12-12T21:56:46Z
CVE-2017-15186,libav: Jessie is not affected.

The vulnerable code was introduced later.

- - - - -
2eb0f119 by Markus Koschany at 2018-12-12T21:56:46Z
CVE-2017-14767,libav: Jessie is affected.

- - - - -
b9bd7c9a by Markus Koschany at 2018-12-12T21:56:47Z
CVE-2017-14223,libav: Jessie is affected.

- - - - -
dc39374c by Markus Koschany at 2018-12-12T21:56:48Z
CVE-2017-14222,libav: Jessie is not affected.

The read_tfra function is not present. There is another read_tfra function in
tools/ismindex.c but this one is different.

- - - - -
4441bb6a by Markus Koschany at 2018-12-12T21:56:48Z
CVE-2017-14171,libav: Jessie is affected.

- - - - -
95386bd4 by Markus Koschany at 2018-12-12T21:56:49Z
CVE-2017-14170,libav: Jessie is affected.

- - - - -
107e10b1 by Markus Koschany at 2018-12-12T21:56:50Z
CVE-2017-14169,libav: Jessie could be affected.

Libav in Jessie uses a different guard for item_num. Maybe the new guard is not
necessary at all. For now mark the package as vulnerable and check again later.

- - - - -
54ad2bcc by Markus Koschany at 2018-12-12T21:56:50Z
CVE-2017-14059,libav: Jessie is not affected.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -64162,7 +64162,7 @@ CVE-2017-15673 (The files function in the administration section in CS-Cart 4.6.
 CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...)
 	{DSA-4049-1}
 	- ffmpeg 7:3.4-1
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904
 CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
 	[experimental] - glibc 2.26-0experimental0
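
Review bot: the libav line for CVE-2017-15672 goes from <undetermined> to <removed> with nothing in the entry recording the Jessie triage; only the commit message says Jessie is affected. A short NOTE stating that the libav source in Jessie was checked and the read_header issue in ffv1dec.c applies would keep that result in the data file, as this push does for CVE-2017-14767 and CVE-2017-9993.
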
@@ -65611,7 +65611,8 @@ CVE-2017-15194 (include/global_session.php in Cacti 1.1.25 has XSS related to (1
 CVE-2017-15186 (Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote ...)
 	{DSA-4049-1}
 	- ffmpeg 7:3.4-1
-	- libav <undetermined>
+	- libav <removed>
+	[jessie] - libav <not-affected> (vulnerable code was introduced later)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/10/20/4
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/df62b70de8aaa285168e72fe8f6e740843ca91fa
 CVE-2017-15185 (plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis ...)
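
Review bot: the [jessie] not-affected reason on CVE-2017-15186 says the vulnerable code "was introduced later" without saying later than what. Naming the introducing commit or the first affected version would let the claim be rechecked, the way the wheezy line on CVE-2017-9994 names "WebP decoder feature introduced in v10".
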
@@ -67024,9 +67025,10 @@ CVE-2017-14768
 CVE-2017-14767 (The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
 	NOTE: Fixed in 3.2.8
+	NOTE: The check is completely missing in Jessie. It should be added.
 CVE-2017-14766 (The Simple Student Result plugin before 1.6.4 for WordPress has an ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2017-14765 (In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a ...)
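
Review bot: the NOTE added to CVE-2017-14767 reads as a to-do ("It should be added") and does not name the package, although the entry lists both ffmpeg and libav. Word it as a finding, for example "NOTE: libav in Jessie lacks the check entirely", and say which check is meant (the one added by the upstream commit in the NOTE two lines above).
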
@@ -68691,12 +68693,13 @@ CVE-2017-14224 (A heap-based buffer overflow in WritePCXImage in coders/pcx.c in
 CVE-2017-14223 (In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/afc9c683ed9db01edb357bc8c19edad4282b3a97
 CVE-2017-14222 (In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
+	[jessie] - libav <not-affected> (vulnerable code not present)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/9cb4eb772839c5e1de2855d126bf74ff16d13382
 CVE-2017-14221
 	RESERVED
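
Review bot: on CVE-2017-14222 the [jessie] reason "vulnerable code not present" drops the detail from the commit message that a different read_tfra exists in tools/ismindex.c. Anyone who greps the Jessie source for read_tfra will find that function and doubt the entry; a NOTE stating that it is not the read_tfra from libavformat/mov.c would prevent a repeat triage.
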
@@ -68828,17 +68831,19 @@ CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage(
 CVE-2017-14171 (In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7
 CVE-2017-14170 (In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2
 CVE-2017-14169 (In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
+	NOTE: libav in Jessie uses a different guard for item_num. Check whether
+	NOTE: the guard is necessary at all.
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad
 CVE-2017-14168
 	RESERVED
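
Review bot: the two NOTE lines added to CVE-2017-14169 say "the guard" without saying which one, the different guard Jessie already has or the new one from the upstream commit; the commit message says it is the new guard that may be unnecessary. The note also omits the decision recorded in the commit message, that the package is marked vulnerable for now and will be checked again. Suggest stating both in the NOTE.
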
@@ -69250,7 +69255,8 @@ CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is pre
 CVE-2017-14059 (In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF ...)
 	{DSA-3996-1}
 	- ffmpeg 7:3.3.4-1 (low)
-	- libav <undetermined>
+	- libav <removed>
+	[jessie] - libav <not-affected> (vulnerable code is not present)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/7e80b63ecd259d69d383623e75b318bf2bd491f6
 CVE-2017-14058 (In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not ...)
 	{DSA-3996-1}
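
Review bot: the [jessie] line on CVE-2017-14059 says "vulnerable code is not present" where CVE-2017-14222 and CVE-2017-7866 in this push say "vulnerable code not present"; use one wording so the entries grep consistently. Neither the line nor the commit message says what is missing, so naming it (cine_read_header, if that function is what is absent) would make the entry verifiable.
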
@@ -79597,16 +79603,18 @@ CVE-2017-9995 (libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly va
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ac5067146613997bb38442cb022d7f41321a706
 CVE-2017-9994 (libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x ...)
 	- ffmpeg 7:3.2.5-1
-	- libav <undetermined>
+	- libav <removed>
 	[wheezy] - libav <not-affected> (Vulnerable code not present, WebP decoder feature introduced in v10)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
 CVE-2017-9993 (FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, ...)
 	{DSA-3957-1}
 	- ffmpeg 7:3.2.6-1
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb
 	NOTE: Fixed in 3.2.6
+	NOTE: Jessie is only partially affected. Only the second commit is
+	NOTE: relevant. HTTP Live Streaming filename extension code is not present.
 CVE-2017-9992 (Heap-based buffer overflow in the decode_dds1 function in ...)
 	{DSA-4012-1 DLA-1142-1}
 	- ffmpeg 7:3.2.5-1
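
Review bot: the NOTE added to CVE-2017-9993 refers to "the second commit" by position, which depends on the order of the two commit NOTE lines above it. Quote the hash of the commit that applies so the statement survives a reordering or an added reference.
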
@@ -79635,6 +79643,8 @@ CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishan
 CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in ...)
 	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1067
+	NOTE: Five different issues but only one POC instead of five attached.
+	NOTE: Requires more information.
 CVE-2017-9986 (The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel ...)
 	- linux <unfixed> (unimportant)
 	NOTE: No security issue, only "exploitable" with malicious ISA cards
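
Review bot: the NOTE added to CVE-2017-9987 says "Five different issues" without saying where they are described; the only reference on the entry is the bugzilla.libav.org report. Tie the note to that report and say what is still needed (the missing PoCs), so that "Requires more information" is actionable.
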
@@ -87756,11 +87766,12 @@ CVE-2017-7867 (International Components for Unicode (ICU) for C/C++ before 2017-
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213
 CVE-2017-7866 (FFmpeg before 2017-01-23 has an out-of-bounds write caused by a ...)
 	- ffmpeg 7:3.2.4-1
-	- libav <undetermined>
+	- libav <removed>
+	[jessie] - libav <not-affected> (vulnerable code not present)
 	NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e371f031b942d73e02c090170975561fabd5c264
 CVE-2017-7865 (FFmpeg before 2017-01-24 has an out-of-bounds write caused by a ...)
 	- ffmpeg 7:3.2.4-1
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb
 CVE-2017-7864 (FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a ...)
 	- freetype <not-affected> (Vulnerable code not present; CFF2 support introduced in 2.7.1, cf #860313)
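
Review bot: the [jessie] reason on CVE-2017-7866 is the generic "vulnerable code not present", while the commit message has the specific finding that decode_zbuf does not exist. Put the function name in the parenthetical, for example "(decode_zbuf not present)".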



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ff295614533d49cc56bb24edb7e2e7c467e6c069...54ad2bcc4c7c74b2d52f2d0648d19d4a5080f70a
