[Git][security-tracker-team/security-tracker][master] CVE-2017-18247/libav: jessie ignored

Sylvain Beucler beuc at debian.org
Wed Dec 4 15:48:11 GMT 2019



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c917d529 by Sylvain Beucler at 2019-12-04T15:43:40Z
CVE-2017-18247/libav: jessie ignored

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87783,8 +87783,9 @@ CVE-2018-1000137 (I, Librarian version 4.8 and earlier contains a Cross site Req
 	NOTE: https://github.com/mkucej/i-librarian/issues/121
 CVE-2017-18247 (The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12. ...)
 	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (Minor issue, not reproducible)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1089
+	NOTE: referenced patch 27085d1b should protect direct ./avconv vectors but situation is unclear for library vectors
 CVE-2017-18246 (The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows ...)
 	- libav <removed> (low)
 	[jessie] - libav <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c917d529defd318088cf294eac0a303b4c84d873

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c917d529defd318088cf294eac0a303b4c84d873
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191204/834fd90b/attachment.html>


More information about the debian-security-tracker-commits mailing list