[Git][security-tracker-team/security-tracker][master] ffmpeg, podofo bugs

Moritz Muehlenhoff jmm at debian.org
Mon Apr 8 19:50:31 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ed79f37 by Moritz Muehlenhoff at 2019-04-08T18:50:08Z
ffmpeg, podofo bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -413,7 +413,7 @@ CVE-2019-10725
 CVE-2019-10724
 	RESERVED
 CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...)
-	- libpodofo <unfixed>
+	- libpodofo <unfixed> (bug #926667)
 	[jessie] - libpodofo <ignored> (DoS, not used by any sponsor)
 	NOTE: https://sourceforge.net/p/podofo/tickets/46/
 CVE-2019-1003099 (A missing permission check in Jenkins openid Plugin in the OpenIdSsoSe ...)
@@ -3527,7 +3527,7 @@ CVE-2019-9723
 CVE-2019-9722
 	RESERVED
 CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows attac ...)
-	- ffmpeg <unfixed>
+	- ffmpeg <unfixed> (bug #926666)
 	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
 CVE-2019-9720
@@ -3535,7 +3535,7 @@ CVE-2019-9720
 CVE-2019-9719
 	RESERVED
 CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows atta ...)
-	- ffmpeg <unfixed> (low)
+	- ffmpeg <unfixed> (low; bug #926666)
 	[stretch] - ffmpeg <postponed> (Wait until fixed in 3.2.x release)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982
 CVE-2019-9717



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ed79f375e586e14a67ef57fd1a704940b4c9a82

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ed79f375e586e14a67ef57fd1a704940b4c9a82
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190408/5ad4a31a/attachment.html>

More information about the debian-security-tracker-commits mailing list