[Git][security-tracker-team/security-tracker][master] Record fixes for ffmpeg via unstable upload
Salvatore Bonaccorso
carnil at debian.org
Sun Jul 22 07:59:11 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5bdb2ab2 by Salvatore Bonaccorso at 2018-07-22T08:57:39+02:00
Record fixes for ffmpeg via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -247,13 +247,13 @@ CVE-2018-14397
CVE-2018-14396
RESERVED
CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
- - ffmpeg <unfixed>
+ - ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2.x release)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
NOTE: Pending for 3.2.12
CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
- - ffmpeg <unfixed>
+ - ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2.x release)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
@@ -2737,12 +2737,12 @@ CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of t
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
CVE-2018-13304 (In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency ...)
- - ffmpeg <unfixed>
+ - ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235
CVE-2018-13303 (In FFmpeg 4.0.1, a missing check for failure of a call to ...)
- - ffmpeg <unfixed>
+ - ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78
@@ -2753,7 +2753,7 @@ CVE-2018-13302 (In FFmpeg 4.0.1, improper handling of frame types (other than ..
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50
NOTE: Fixed in 3.2.11
CVE-2018-13301 (In FFmpeg 4.0.1, due to a missing check of a profile value before ...)
- - ffmpeg <unfixed> (low)
+ - ffmpeg 7:4.0.2-1 (low)
[stretch] - ffmpeg <postponed> (Can be fixed when new 3.2.x release fixes it)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bdb2ab291e64d5dc4bb8c5947851a002cb43cff
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bdb2ab291e64d5dc4bb8c5947851a002cb43cff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180722/4e0adac6/attachment.html>
More information about the debian-security-tracker-commits
mailing list