[Git][security-tracker-team/security-tracker][master] ffmpeg triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Oct 19 09:56:12 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a46ee0a5 by Moritz Muehlenhoff at 2021-10-19T10:55:44+02:00
ffmpeg triage
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85475,15 +85475,19 @@ CVE-2020-20450 (FFmpeg 4.2 is affected by null pointer dereference passed as arg
CVE-2020-20449
RESERVED
CVE-2020-20448 (FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/rate ...)
- - ffmpeg <unfixed> (unimportant)
+ - ffmpeg 7:4.3-2 (unimportant)
NOTE: https://trac.ffmpeg.org/ticket/7990
NOTE: Negligible security impact
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8802e329c8317ca5ceb929df48a23eb0f9e852b2
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=55279d699fa64d8eb1185d8db04ab4ed92e8dea2
CVE-2020-20447
RESERVED
CVE-2020-20446 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy ...)
- ffmpeg <unfixed> (unimportant)
NOTE: https://trac.ffmpeg.org/ticket/7995
NOTE: Negligible security impact
+ NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/223b5e8ac9f6461bb13ed365419ec485c5b2b002
+ NOTE: Pending for 4.4.1
CVE-2020-20445 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, ...)
- ffmpeg <unfixed> (unimportant)
NOTE: https://trac.ffmpeg.org/ticket/7996
=====================================
data/DSA/list
=====================================
@@ -838,7 +838,7 @@
{CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-11743 CVE-2020-15563 CVE-2020-15564 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567}
[buster] - xen 4.11.4+24-gddaaccbbab-1~deb10u1
[08 Jul 2020] DSA-4722-1 ffmpeg - security update
- {CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 CVE-2020-20902}
+ {CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 CVE-2020-20902 CVE-2020-20448}
[buster] - ffmpeg 7:4.1.6-1~deb10u1
[08 Jul 2020] DSA-4721-1 ruby2.5 - security update
{CVE-2020-10663 CVE-2020-10933}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a46ee0a59bde0bf60d22b9a9371e51724a96dfdb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a46ee0a59bde0bf60d22b9a9371e51724a96dfdb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211019/1c85162b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list