[Git][security-tracker-team/security-tracker][master] Another ffmpeg issue fixed in stretch

Mon Jul 30 06:55:57 BST 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1a8a7a30 by Moritz Muehlenhoff at 2018-07-30T05:55:22Z
Another ffmpeg issue fixed in stretch

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -883,10 +883,8 @@ CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to 
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
 CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a ...)
 	- ffmpeg 7:4.0.2-1
-	[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2.x release)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
-	NOTE: Needed for 3.2.12
 CVE-2018-14393
 	RESERVED
 CVE-2018-14392 (The New Threads plugin before 1.2 for MyBB has XSS. ...)


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -26,7 +26,7 @@
 	{CVE-2018-12895}
 	[stretch] - wordpress 4.7.5+dfsg-2+deb9u4
 [17 Jul 2018] DSA-4249-1 ffmpeg - security update
-	{CVE-2018-6392 CVE-2018-6621 CVE-2018-7557 CVE-2018-10001 CVE-2018-12458 CVE-2018-13300 CVE-2018-13302 CVE-2018-1999013 CVE-2018-1999012 CVE-2018-1999010}
+	{CVE-2018-6392 CVE-2018-6621 CVE-2018-7557 CVE-2018-10001 CVE-2018-12458 CVE-2018-13300 CVE-2018-13302 CVE-2018-1999013 CVE-2018-1999012 CVE-2018-1999010 CVE-2018-14394}
 	[stretch] - ffmpeg 7:3.2.11-1~deb9u1
 [17 Jul 2018] DSA-4248-1 blender - security update
 	{CVE-2017-2899 CVE-2017-2900 CVE-2017-2901 CVE-2017-2902 CVE-2017-2903 CVE-2017-2904 CVE-2017-2905 CVE-2017-2906 CVE-2017-2907 CVE-2017-2908 CVE-2017-2918 CVE-2017-12081 CVE-2017-12082 CVE-2017-12086 CVE-2017-12099 CVE-2017-12100 CVE-2017-12101 CVE-2017-12102 CVE-2017-12103 CVE-2017-12104 CVE-2017-12105}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a8a7a30485a430b7c8ddff77e3ee0af60b75884

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a8a7a30485a430b7c8ddff77e3ee0af60b75884
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180730/a60003e5/attachment-0001.html>
