[Git][security-tracker-team/security-tracker][master] add missing explanation for not-affected CVE entries
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 10 20:56:05 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8658749f by Salvatore Bonaccorso at 2021-07-10T21:55:36+02:00
add missing explanation for not-affected CVE entries
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64188,19 +64188,19 @@ CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2
CVE-2020-22035 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get ...)
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
- [stretch] - ffmpeg <not-affected>
+ [stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://trac.ffmpeg.org/ticket/8262
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0749082eb93ea02fa4b770da86597450cec84054
CVE-2020-22034 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavf ...)
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
- [stretch] - ffmpeg <not-affected>
+ [stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://trac.ffmpeg.org/ticket/8236
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1331e001796c656a4a3c770a16121c15ec1db2ac
CVE-2020-22033 (A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavf ...)
- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
- [stretch] - ffmpeg <not-affected>
+ [stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://trac.ffmpeg.org/ticket/8246
NOTE: https://trac.ffmpeg.org/ticket/8241
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=82ad1b76751bcfad5005440db48c46a4de5d6f02
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8658749fc73fdeb91bd67ed6baadc19218541894
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8658749fc73fdeb91bd67ed6baadc19218541894
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210710/be07b8f3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list