[Git][security-tracker-team/security-tracker][master] ffmpeg updates, some n/a, remove one postponed entry for issue fixed in 4.3.6

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08610bfb by Moritz Muehlenhoff at 2023-04-29T19:30:25+02:00
ffmpeg updates, some n/a, remove one postponed entry for issue fixed in 4.3.6

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37587,15 +37587,15 @@ CVE-2022-3966 (A vulnerability, which was classified as critical, has been found
 CVE-2022-3965 (A vulnerability classified as problematic was found in ffmpeg. This vu ...)
 	[experimental] - ffmpeg 7:6.0-1
 	- ffmpeg 7:5.1.3-1
-	[bullseye] - ffmpeg <postponed> (Wait until it lands in 4.3.x)
-	[buster] - ffmpeg <postponed> (Wait until it lands in 4.1.x)
+	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)
+	[buster] - ffmpeg <not-affected> (Vulnerable code not present)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd (n6.0)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/9886e4c3b0880b167dbfdad722fb654c58cdc977 (n5.1.3)
 CVE-2022-3964 (A vulnerability classified as problematic has been found in ffmpeg. Th ...)
 	[experimental] - ffmpeg 7:6.0-1
 	- ffmpeg 7:5.1.3-1
-	[bullseye] - ffmpeg <postponed> (Wait until it lands in 4.3.x)
-	[buster] - ffmpeg <postponed> (Wait until it lands in 4.1.x)
+	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)
+	[buster] - ffmpeg <not-affected> (Vulnerable code not present)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984 (n6.0)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7c234248f859baa35e55c3dbbb7a359eae1c5257 (n5.1.3)
 CVE-2022-45197 (Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLS ...)
@@ -54895,7 +54895,6 @@ CVE-2022-3110 (An issue was discovered in the Linux kernel through 5.16-rc6. _rt
 	NOTE: https://git.kernel.org/linus/f94b47c6bde624d6c07f43054087607c52054a95 (5.19-rc1)
 CVE-2022-3109 (An issue was discovered in the FFmpeg package, where vp3_decode_frame  ...)
 	- ffmpeg 7:5.1-1
-	[bullseye] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.3.x)
 	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568 (n5.1)
 CVE-2022-3108 (An issue was discovered in the Linux kernel through 5.16-rc6. kfd_pars ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08610bfbe0b720f30b44e2c335a713ed6f126bf9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08610bfbe0b720f30b44e2c335a713ed6f126bf9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230429/54de96ce/attachment.htm>