[Git][security-tracker-team/security-tracker][master] CVE-2017-7863: libav in jessie is partially affected by it.

Mike Gabriel sunweaver at debian.org
Tue Jan 22 15:45:24 GMT 2019


Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f856ee7b by Mike Gabriel at 2019-01-22T15:45:03Z
CVE-2017-7863: libav in jessie is partially affected by it.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -98589,8 +98589,9 @@ CVE-2017-7864 (FreeType 2 before 2017-02-02 has an out-of-bounds write caused by
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
 CVE-2017-7863 (FFmpeg before 2017-02-04 has an out-of-bounds write caused by a ...)
 	- ffmpeg 7:3.2.4-1
-	- libav <undetermined>
+	- libav <removed>
 	NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e477f09d0b3619f3d29173b2cd593e17e2d1978e
+	NOTE: libav in jessie only supports transparency with RGB palette, only parts of the upstream fix apply
 CVE-2017-7862 (FFmpeg before 2017-02-07 has an out-of-bounds write caused by a ...)
 	{DSA-4012-1 DLA-1142-1}
 	- ffmpeg 7:3.2.4-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f856ee7b9d74b10cae32fd9388a1111db224acc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f856ee7b9d74b10cae32fd9388a1111db224acc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190122/e49150b7/attachment.html>


More information about the debian-security-tracker-commits mailing list