[Git][security-tracker-team/security-tracker][master] new ffmpeg issues

Moritz Muehlenhoff jmm at debian.org
Tue Jun 19 23:00:41 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b42c976 by Moritz Muehlenhoff at 2018-06-20T00:00:17+02:00
new ffmpeg issues
NFUs
libav removed
kmail no-dsa
smplayer "fixed" (could also be tracked as unimportant now)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -300,9 +300,13 @@ CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference 
 	- ffmpeg <not-affected> (Introduced after 3.4)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/b3332a182f8ba33a34542e4a0370f38b914ccf7d
 CVE-2018-12459 (An inconsistent bits-per-sample value in the ...)
-	TODO: check
+	- ffmpeg <unfixed> (low)
+	[stretch] - ffmpeg <postponed> (Can be fixed when new 3.2.x release fixes it)
+	NOTE: https://github.com/FFmpeg/FFmpeg/commit/2fc108f60f98cd00813418a8754a46476b404a3c
 CVE-2018-12458 (An improper integer type in the mpeg4_encode_gop_header function in ...)
-	TODO: check
+	- ffmpeg <unfixed> (low)
+	[stretch] - ffmpeg <postponed> (Can be fixed when new 3.2.x release fixes it)
+	NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1182fac1afba92a4975917823a5f644bee7e6e8
 CVE-2018-12457 (expressCart before 1.1.6 allows remote attackers to create an admin ...)
 	NOT-FOR-US: expressCart
 CVE-2018-12456
@@ -326,7 +330,7 @@ CVE-2018-12449
 CVE-2018-12448
 	RESERVED
 CVE-2018-12447 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used ...)
-	TODO: check
+	NOT-FOR-US: libbpg
 CVE-2018-12446
 	RESERVED
 CVE-2018-12445
@@ -460,7 +464,7 @@ CVE-2018-12435 (Botan 2.5.0 through 2.6.0 allows a memory-cache side-channel att
 CVE-2018-12434 (LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache ...)
 	- libressl <itp> (bug #754513)
 CVE-2018-12433 (** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache ...)
-	TODO: check
+	NOT-FOR-US: cryptlib
 CVE-2018-12432 (JavaMelody through 1.60.0 has XSS via the counter parameter in a ...)
 	NOT-FOR-US: JavaMelody
 CVE-2018-12431 (SeaCMS V6.61 has XSS via the site name parameter on an ...)
@@ -3451,9 +3455,8 @@ CVE-2018-11225 (The dcputs function in decompile.c in libming through 0.4.8 mish
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/143
 CVE-2018-11224 (An issue was discovered in Libav 12.3. A read access violation in the ...)
-	- libav <undetermined>
+	- libav <removed> (low)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1129
-	TODO: check
 CVE-2018-11223 (XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to ...)
 	NOT-FOR-US: Pandora FMS
 CVE-2018-11222 (Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 ...)
@@ -5863,7 +5866,7 @@ CVE-2018-10231
 CVE-2018-10230 (Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455. ...)
 	NOT-FOR-US: Zend Server
 CVE-2018-10229 (A hardware vulnerability in GPU memory modules allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: GPU memory hardware issue
 CVE-2018-10228
 	RESERVED
 CVE-2018-10227 (MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter. ...)
@@ -12636,7 +12639,7 @@ CVE-2018-7561 (Stack-based Buffer Overflow in httpd on Tenda AC9 devices ...)
 CVE-2018-7560 (index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package ...)
 	NOT-FOR-US: aws-lambda-multipart-parser NPM package
 CVE-2018-7559 (An issue was discovered in OPC UA .NET Standard Stack and Sample Code ...)
-	TODO: check
+	NOT-FOR-US: OPC UA .NET
 CVE-2018-7558
 	RESERVED
 CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
@@ -27773,7 +27776,9 @@ CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ..
 	- evolution <unfixed> (bug #898633)
 	- kmail <unfixed> (bug #898634)
 	- kf5-messagelib <unfixed> (bug #899127)
+	[stretch] - kf5-messagelib <no-dsa> (Defaults to secure handling, change to disable it entirely can be fixed via spu)
 	- kdepim <removed> (bug #899128)
+	[stretch] - kdepim <no-dsa> (Defaults to secure handling, change to disable it entirely can be fixed via spu)
 	NOTE: https://efail.de
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=796135
 	NOTE: https://dot.kde.org/2018/05/15/efail-and-kmail
@@ -78288,15 +78293,17 @@ CVE-2017-2923 (An exploitable heap based buffer overflow vulnerability exists in
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0430
 	NOTE: https://www.gaia-gis.it/fossil/freexl/ci/40c17539ea56f0d8
 CVE-2017-2922 (An exploitable memory corruption vulnerability exists in the Websocket ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2921 (An exploitable memory corruption vulnerability exists in the Websocket ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing ...)
 	NOT-FOR-US: Computerinsel Photoline
 CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists in the ...)
@@ -78325,10 +78332,11 @@ CVE-2017-2911 (An exploitable vulnerability exists in the remote control ...)
 CVE-2017-2910
 	RESERVED
 CVE-2017-2909 (An infinite loop programming error exists in the DNS server ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2908 (An exploitable integer overflow exists in the thumbnail functionality ...)
 	- blender 2.79.a+dfsg0-1
 	[wheezy] - blender <ignored> (Vulnerable but not ignored)
@@ -78391,30 +78399,35 @@ CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the ..
 	- r-cran-readxl 1.0.0-2 (bug #895564)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403
 CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2894 (An exploitable stack buffer overflow vulnerability exists in the MQTT ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2893 (An exploitable NULL pointer dereference vulnerability exists in the ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2892 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2891 (An exploitable use-after-free vulnerability exists in the HTTP server ...)
-	- smplayer <unfixed> (bug #898943)
+	- smplayer 18.5.0~ds1-1 (bug #898943)
 	[stretch] - smplayer <not-affected> (Vulnerable code not present)
 	[jessie] - smplayer <not-affected> (Vulnerable code not present)
 	[wheezy] - smplayer <not-affected> (Vulnerable code not present)
+	NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
 CVE-2017-2890 (An exploitable vulnerability exists in the /api/CONFIG/restore ...)
 	NOT-FOR-US: Circle with Disney
 CVE-2017-2889 (An exploitable Denial of Service vulnerability exists in the API ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b42c976e3212c3fc0d4cb8913ab19557d9ebd4c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b42c976e3212c3fc0d4cb8913ab19557d9ebd4c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180619/057ce445/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list