[Git][security-tracker-team/security-tracker][master] Track fixed version for ffmpeg CVEs via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 4 22:21:36 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ff594770 by Salvatore Bonaccorso at 2021-06-04T23:21:00+02:00
Track fixed version for ffmpeg CVEs via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57957,7 +57957,7 @@ CVE-2020-22034 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at
NOTE: https://trac.ffmpeg.org/ticket/8236
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1331e001796c656a4a3c770a16121c15ec1db2ac
CVE-2020-22033 (A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavf ...)
- - ffmpeg <unfixed> (bug #989439)
+ - ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8246
NOTE: https://trac.ffmpeg.org/ticket/8241
@@ -58019,7 +58019,7 @@ CVE-2020-22022 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=07050d7bdc32d82e53ee5bb727f5882323d00dba
NOTE: https://trac.ffmpeg.org/ticket/8264
CVE-2020-22021 (Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function i ...)
- - ffmpeg <unfixed> (bug #989439)
+ - ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7971f62120a55c141ec437aa3f0bacc1c1a3526b
NOTE: https://trac.ffmpeg.org/ticket/8240
@@ -58030,7 +58030,7 @@ CVE-2020-22020 (Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_ma
NOTE: https://trac.ffmpeg.org/ticket/8239
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765
CVE-2020-22019 (Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in ...)
- - ffmpeg <unfixed> (bug #989439)
+ - ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8246
NOTE: https://trac.ffmpeg.org/ticket/8241
@@ -58048,7 +58048,7 @@ CVE-2020-22016 (A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at liba
NOTE: https://trac.ffmpeg.org/ticket/8183
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145
CVE-2020-22015 (Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due ...)
- - ffmpeg <unfixed> (bug #989439)
+ - ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <ignored> (Minor issue)
[stretch] - ffmpeg <ignored> (Minor issue)
NOTE: https://trac.ffmpeg.org/ticket/8190
@@ -60004,7 +60004,7 @@ CVE-2020-21042
RESERVED
CVE-2020-21041 (Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse ...)
[experimental] - ffmpeg 7:4.4-1
- - ffmpeg <unfixed> (bug #989439)
+ - ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
[stretch] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/7989
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff594770055ef11cb7ac2c22f5e6071ff63a3e85
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff594770055ef11cb7ac2c22f5e6071ff63a3e85
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210604/5df3fb87/attachment.htm>
More information about the debian-security-tracker-commits
mailing list