[Git][security-tracker-team/security-tracker][master] 2 commits: Update information for CVE-2020-20902
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 22 15:56:50 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
763a7360 by Salvatore Bonaccorso at 2021-09-22T16:55:13+02:00
Update information for CVE-2020-20902
The respective commits were backported where relevant to the release/4.1
in 4.1.5 and release/4.2 in 4.2.2.
- - - - -
786d7940 by Salvatore Bonaccorso at 2021-09-22T16:56:25+02:00
Add CVE-2020-20902 for DSA 4722-1
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80114,11 +80114,13 @@ CVE-2020-20904
CVE-2020-20903
RESERVED
CVE-2020-20902 (A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter ...)
- - ffmpeg 7:4.3-2
- [buster] - ffmpeg <ignored> (Minor issue)
+ - ffmpeg 7:4.2.2-1
NOTE: https://trac.ffmpeg.org/ticket/8176
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5f0acc5064ed501cb40d4aaccae2b3ce5c4552fd
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2c78a76cb0443f8a12a5eadc3b58373aa2f4ab22
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5f0acc5064ed501cb40d4aaccae2b3ce5c4552fd (4.3)
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2c78a76cb0443f8a12a5eadc3b58373aa2f4ab22 (4.3)
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b97aaf791f6ea3506a6252ecef6a1a0e9a542e04 (4.2.2)
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=81672bf00f3b5a3c025034f4b2e33d67b72f3839 (4.2.2)
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a0c91fb0f0641f9f35f650281a176657907097cf (4.1.5)
CVE-2020-20901 (Buffer Overflow vulnerability in function filter_frame in libavfilter/ ...)
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
=====================================
data/DSA/list
=====================================
@@ -794,7 +794,7 @@
{CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-11743 CVE-2020-15563 CVE-2020-15564 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567}
[buster] - xen 4.11.4+24-gddaaccbbab-1~deb10u1
[08 Jul 2020] DSA-4722-1 ffmpeg - security update
- {CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904}
+ {CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 CVE-2020-20902}
[buster] - ffmpeg 7:4.1.6-1~deb10u1
[08 Jul 2020] DSA-4721-1 ruby2.5 - security update
{CVE-2020-10663 CVE-2020-10933}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1544e604d1957b9dfedb7c586fe9397b9295cfe8...786d7940714444cb0c6c6e8af583085bde6766cb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1544e604d1957b9dfedb7c586fe9397b9295cfe8...786d7940714444cb0c6c6e8af583085bde6766cb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210922/9ca61a08/attachment.htm>
More information about the debian-security-tracker-commits
mailing list