[Git][security-tracker-team/security-tracker][master] Record fixes for ffmpeg via unstable upload

Sun Jul 22 07:59:11 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5bdb2ab2 by Salvatore Bonaccorso at 2018-07-22T08:57:39+02:00
Record fixes for ffmpeg via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -247,13 +247,13 @@ CVE-2018-14397
 CVE-2018-14396
 	RESERVED
 CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:4.0.2-1
 	[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2.x release)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
 	NOTE: Pending for 3.2.12
 CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:4.0.2-1
 	[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2.x release)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
@@ -2737,12 +2737,12 @@ CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of t
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
 CVE-2018-13304 (In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:4.0.2-1
 	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235
 CVE-2018-13303 (In FFmpeg 4.0.1, a missing check for failure of a call to ...)
-	- ffmpeg <unfixed>
+	- ffmpeg 7:4.0.2-1
 	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78
@@ -2753,7 +2753,7 @@ CVE-2018-13302 (In FFmpeg 4.0.1, improper handling of frame types (other than ..
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50
 	NOTE: Fixed in 3.2.11
 CVE-2018-13301 (In FFmpeg 4.0.1, due to a missing check of a profile value before ...)
-	- ffmpeg <unfixed> (low)
+	- ffmpeg 7:4.0.2-1 (low)
 	[stretch] - ffmpeg <postponed> (Can be fixed when new 3.2.x release fixes it)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bdb2ab291e64d5dc4bb8c5947851a002cb43cff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bdb2ab291e64d5dc4bb8c5947851a002cb43cff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180722/4e0adac6/attachment.html>
