[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status on CVE-2018-6392/ffmpeg
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 2 06:50:31 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
badb0372 by Salvatore Bonaccorso at 2018-02-02T07:45:19+01:00
Update status on CVE-2018-6392/ffmpeg
The vulnerable code, the out of array access in the filter_slice
function is present at least in the version in unstable (unless
something done wrong during triage), and should be present as well in
the streth version:
https://sources.debian.org/src/ffmpeg/7:3.2.9-1%7Edeb9u1/libavfilter/vf_transpose.c/#L151
Upstream has adressed the out of array access in
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c6939f65a116b1ffed345d29d8621ee4ffb32235
but that needed a (functional) regression fix some days later with
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5
This still would need an additional reviev.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -349,9 +349,10 @@ CVE-2018-6394
CVE-2018-6393 (FreePBX 10.13.66-32bit allows post-authentication SQL injection via the ...)
NOT-FOR-US: FreePBX
CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg ...)
- - ffmpeg <not-affected> (Didn't affect any releases, only master for a few days)
- NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5
- NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c6939f65a116b1ffed345d29d8621ee4ffb32235
+ - ffmpeg <unfixed>
+ NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5
+ NOTE: Needs as well: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c6939f65a116b1ffed345d29d8621ee4ffb32235
+ NOTE: fixing a (functional) regression introduced by the original fix.
CVE-2018-6391 (A cross-site request forgery web vulnerability has been discovered on ...)
NOT-FOR-US: Netis WF2419 V2.2.36123 devices
CVE-2018-6390 (The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/badb03725a25192eefeddb4afaf8a5383e295a93
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/badb03725a25192eefeddb4afaf8a5383e295a93
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180202/a4cd1925/attachment.html>
More information about the Secure-testing-commits
mailing list