[Git][security-tracker-team/security-tracker][master] more ffmpeg issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jun 2 14:57:00 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a690c33 by Moritz Muehlenhoff at 2021-06-02T15:56:49+02:00
more ffmpeg issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57780,15 +57780,26 @@ CVE-2020-22040 (A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a
 	NOTE: https://trac.ffmpeg.org/ticket/8283
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1a0c584abc9709b1d11dbafef05d22e0937d7d19
 CVE-2020-22039 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
-	TODO: check
+	- ffmpeg 7:4.3-2 (unimportant)
+	NOTE: https://trac.ffmpeg.org/ticket/8302
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a581bb66ea5eb981e2e498ca301df7d1ef15a6a3
 CVE-2020-22038 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
-	TODO: check
+	- ffmpeg <unfixed> (unimportant)
+	NOTE: https://trac.ffmpeg.org/ticket/8285
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7c32e9cf93b712f8463573a59ed4e98fd10fa013
 CVE-2020-22037 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
-	TODO: check
+	- ffmpeg <unfixed> (unimportant)
+	NOTE: https://trac.ffmpeg.org/ticket/8281
 CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
-	TODO: check
+	- ffmpeg 7:4.3-2
+	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
+	NOTE: https://trac.ffmpeg.org/ticket/8261
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8c3166e1c302c3ba80d9742ae46161c0fa8e2606
 CVE-2020-22035 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get ...)
-	TODO: check
+	- ffmpeg 7:4.3-2
+	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
+	NOTE: https://trac.ffmpeg.org/ticket/8262
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=0749082eb93ea02fa4b770da86597450cec84054
 CVE-2020-22034 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavf ...)
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a690c330381f859c353d1f64b49c7452e738aef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a690c330381f859c353d1f64b49c7452e738aef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210602/a61e1723/attachment.htm>

More information about the debian-security-tracker-commits mailing list