[Git][security-tracker-team/security-tracker][master] Remove stretch annotation from ffmpeg entry as n/a in general

Moritz Muehlenhoff jmm at debian.org
Mon Sep 3 22:09:24 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d75db76 by Moritz Muehlenhoff at 2018-09-03T21:08:47Z
Remove stretch annotation from ffmpeg entry as n/a in general
More stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -218,6 +218,7 @@ CVE-2018-16324 (In IceWarp Server 12.0.3.1 and before, there is XSS in the /webm
 	NOT-FOR-US: IceWarp Server
 CVE-2018-16323 (ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data ...)
 	- imagemagick <unfixed> (bug #907776)
+	[stretch] - imagemagick <postponed> (Can be fixed along in next DSA)
 	[jessie] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786
 CVE-2018-16322
@@ -780,19 +781,22 @@ CVE-2018-16060
 CVE-2018-16059
 	RESERVED
 CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
-	- wireshark 2.6.3-1
+	- wireshark 2.6.3-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c48d6a6d60c5c9111838a945966b6cb8750777be
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-44.html
 CVE-2018-16057 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
-	- wireshark 2.6.3-1
+	- wireshark 2.6.3-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-46.html
 CVE-2018-16056 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
-	- wireshark 2.6.3-1
+	- wireshark 2.6.3-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f98fbce64cb230e94a2cafc410a3cedad657b485
@@ -4894,6 +4898,7 @@ CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11
 CVE-2018-14369 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
 	{DLA-1451-1}
 	- wireshark 2.6.2-1
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=038cd225bfa54e2a7ade4043118796334920a61e
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-41.html
@@ -5035,6 +5040,7 @@ CVE-2018-14345 (An issue was discovered in SDDM through 0.17.0. If configured wi
 	NOTE: https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98
 CVE-2018-14344 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
 	- wireshark 2.6.2-1
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <not-affected> (Vulnerable code not present, introduced in v1.99.1rc0-224-g6720c80bab)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14672
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f7153685b39a164aea09ba7f96ebb648b8328ae
@@ -7354,7 +7360,6 @@ CVE-2018-13306
 	RESERVED
 CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of the ...)
 	- ffmpeg <not-affected> (Vulnerable code not present)
-	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
 	- libav <undetermined>
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4#commitcomment-30094223



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d75db76825e9cb576b113f8f34346a54fde9794

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d75db76825e9cb576b113f8f34346a54fde9794
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180903/6e55c0a8/attachment.html>

More information about the debian-security-tracker-commits mailing list