[Git][security-tracker-team/security-tracker][master] Remove stretch annotation from ffmpeg entry as n/a in general
Moritz Muehlenhoff
jmm at debian.org
Mon Sep 3 22:09:24 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1d75db76 by Moritz Muehlenhoff at 2018-09-03T21:08:47Z
Remove stretch annotation from ffmpeg entry as n/a in general
More stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -218,6 +218,7 @@ CVE-2018-16324 (In IceWarp Server 12.0.3.1 and before, there is XSS in the /webm
NOT-FOR-US: IceWarp Server
CVE-2018-16323 (ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data ...)
- imagemagick <unfixed> (bug #907776)
+ [stretch] - imagemagick <postponed> (Can be fixed along in next DSA)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786
CVE-2018-16322
@@ -780,19 +781,22 @@ CVE-2018-16060
CVE-2018-16059
RESERVED
CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
- - wireshark 2.6.3-1
+ - wireshark 2.6.3-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c48d6a6d60c5c9111838a945966b6cb8750777be
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-44.html
CVE-2018-16057 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
- - wireshark 2.6.3-1
+ - wireshark 2.6.3-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-46.html
CVE-2018-16056 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
- - wireshark 2.6.3-1
+ - wireshark 2.6.3-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f98fbce64cb230e94a2cafc410a3cedad657b485
@@ -4894,6 +4898,7 @@ CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11
CVE-2018-14369 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
+ [stretch] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=038cd225bfa54e2a7ade4043118796334920a61e
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-41.html
@@ -5035,6 +5040,7 @@ CVE-2018-14345 (An issue was discovered in SDDM through 0.17.0. If configured wi
NOTE: https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98
CVE-2018-14344 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
- wireshark 2.6.2-1
+ [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <not-affected> (Vulnerable code not present, introduced in v1.99.1rc0-224-g6720c80bab)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14672
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f7153685b39a164aea09ba7f96ebb648b8328ae
@@ -7354,7 +7360,6 @@ CVE-2018-13306
RESERVED
CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of the ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- [stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4#commitcomment-30094223
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d75db76825e9cb576b113f8f34346a54fde9794
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d75db76825e9cb576b113f8f34346a54fde9794
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180903/6e55c0a8/attachment.html>
More information about the debian-security-tracker-commits
mailing list