[Git][security-tracker-team/security-tracker][master] libav: jessie triage update

Sylvain Beucler beuc at debian.org
Thu Dec 5 16:42:42 GMT 2019 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
553c2d1c by Sylvain Beucler at 2019-12-05T16:41:44Z
libav: jessie triage update
CVE-2018-18829
CVE-2018-11224
CVE-2017-18247
CVE-2017-18246
CVE-2017-18245
CVE-2017-18244
CVE-2017-18243
CVE-2017-18242
CVE-2016-9824
CVE-2016-9823

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -62572,7 +62572,10 @@ CVE-2018-18830 (An issue was discovered in com\mingsoft\basic\action\web\FileAct
 	NOT-FOR-US: MCMS
 CVE-2018-18829 (There exists a NULL pointer dereference in ff_vc1_parse_frame_header_a ...)
 	- libav <removed>
+	[jessie] - libav <postponed> (Minor issue, clean crash, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1136
+	NOTE: ffmpeg PoC crash fixed but different vector:
+	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c79cf0129edafc388ba1c47cd7b6a620557e48de
 CVE-2018-18828 (There exists a heap-based buffer overflow in vc1_decode_i_block_adv in ...)
 	- libav <removed>
 	[jessie] - libav <not-affected> (vulnerable code is not present)
@@ -82923,7 +82926,10 @@ CVE-2018-11225 (The dcputs function in decompile.c in libming through 0.4.8 mish
 	NOTE: https://github.com/libming/libming/issues/143
 CVE-2018-11224 (An issue was discovered in Libav 12.3. A read access violation in the  ...)
 	- libav <removed> (low)
+	[jessie] - libav <postponed> (Minor issue, oob read, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1129
+	NOTE: ffmpeg PoC crash fixed but different vector:
+	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/7248e735599bad765e1ef39c3ea9a6d469d74049
 CVE-2018-11223 (XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to exec ...)
 	NOT-FOR-US: Pandora FMS
 CVE-2018-11222 (Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23  ...)
@@ -88938,17 +88944,17 @@ CVE-2018-1000137 (I, Librarian version 4.8 and earlier contains a Cross site Req
 	NOTE: https://github.com/mkucej/i-librarian/issues/121
 CVE-2017-18247 (The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12. ...)
 	- libav <removed> (low)
-	[jessie] - libav <ignored> (Minor issue, not reproducible)
+	[jessie] - libav <ignored> (Minor issue, clean crash, not reproducible)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1089
 	NOTE: referenced patch 27085d1b should protect direct ./avconv vectors but situation is unclear for library vectors
 CVE-2017-18246 (The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows ...)
 	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (Minor issue, oob read, not reproducible, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1095
 CVE-2017-18245 (The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows rem ...)
-	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	- libav <removed>
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1094
+	NOTE: new 2019 PoC crash with non-null, non-asan segfault, 32-bit only
 CVE-2018-8971 (The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, a ...)
 	{DSA-4206-1}
 	- gitlab 10.5.6+dfsg-1 (bug #893905)
@@ -88970,15 +88976,15 @@ CVE-2018-8942 (Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter. ...)
 	NOT-FOR-US: Xiuno BBS
 CVE-2017-18244 (The stereo_processing function in libavcodec/aacps.c in Libav 12.2 all ...)
 	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (not reproducible with 11.12, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1105
 CVE-2017-18243 (The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 1 ...)
 	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (not reproducible with 11.12, 32-bit only, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1088
 CVE-2017-18242 (The apply_dependent_coupling function in libavcodec/aacdec.c in Libav  ...)
 	- libav <removed> (low)
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (not reproducible with 11.12, no patch)
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1093
 CVE-2018-8941 (Diagnostics functionality on D-Link DSL-3782 devices with firmware EU  ...)
 	NOT-FOR-US: D-Link
@@ -159091,14 +159097,14 @@ CVE-2016-9825 (libswscale/utils.c in libav 11.8 allows remote attackers to cause
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=984
 CVE-2016-9824 (Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remo ...)
 	- libav <removed>
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (Minor issue, usan-only no-crash warning, no patch)
 	[wheezy] - libav <ignored> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
 	NOTE: https://github.com/asarubbo/poc/blob/master/00039-libav-signedintoverflow-swscale_c
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=983
 CVE-2016-9823 (libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to ca ...)
 	- libav <removed>
-	[jessie] - libav <no-dsa> (Minor issue)
+	[jessie] - libav <ignored> (Minor issue, usan-only no-crash warning, no patch)
 	[wheezy] - libav <ignored> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
 	NOTE: https://github.com/asarubbo/poc/blob/master/00038-libav-uint8_t64-outofbounds-mpegvideo



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/553c2d1c549be0a076fbbd4eab7b5c0f5587ed2f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/553c2d1c549be0a076fbbd4eab7b5c0f5587ed2f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191205/d699e45c/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list