[Git][security-tracker-team/security-tracker][master] new ffmpeg issue (originally from Chromium)

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Aug 1 16:12:28 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8aeaf622 by Moritz Mühlenhoff at 2023-08-01T17:12:12+02:00
new ffmpeg issue (originally from Chromium)

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26777,7 +26777,13 @@ CVE-2022-4908 (Inappropriate implementation in iFrame Sandbox in Google Chrome p
 	- chromium 107.0.5304.68-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4907 (Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 al ...)
-	TODO: check
+	{DSA-5293-1}
+	- chromium 108.0.5359.71-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
+	- ffmpeg 7:6.0-4
+	[bookworm] - ffmpeg <postponed> (Minor issue, wait until it lands in 5.1.x)
+	[bullseye] - ffmpeg <postponed> (Minor issue, wait until it lands in 4.3.x)
+	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/e601ec3c1991ee09ff45db3be4d894e5774f6f2b (n6.0)
 CVE-2022-4906 (Inappropriate implementation in Blink in Google Chrome prior to 108.0. ...)
 	{DSA-5293-1}
 	- chromium 108.0.5359.71-1


=====================================
data/DSA/list
=====================================
@@ -539,7 +539,7 @@
 	{CVE-2021-34055 CVE-2022-41751}
 	[bullseye] - jhead 1:3.04-6+deb11u1
 [03 Dec 2022] DSA-5293-1 chromium - security update
-	{CVE-2022-4174 CVE-2022-4175 CVE-2022-4176 CVE-2022-4177 CVE-2022-4178 CVE-2022-4179 CVE-2022-4180 CVE-2022-4181 CVE-2022-4182 CVE-2022-4183 CVE-2022-4184 CVE-2022-4185 CVE-2022-4186 CVE-2022-4187 CVE-2022-4188 CVE-2022-4189 CVE-2022-4190 CVE-2022-4191 CVE-2022-4192 CVE-2022-4193 CVE-2022-4194 CVE-2022-4195 CVE-2022-4906}
+	{CVE-2022-4174 CVE-2022-4175 CVE-2022-4176 CVE-2022-4177 CVE-2022-4178 CVE-2022-4179 CVE-2022-4180 CVE-2022-4181 CVE-2022-4182 CVE-2022-4183 CVE-2022-4184 CVE-2022-4185 CVE-2022-4186 CVE-2022-4187 CVE-2022-4188 CVE-2022-4189 CVE-2022-4190 CVE-2022-4191 CVE-2022-4192 CVE-2022-4193 CVE-2022-4194 CVE-2022-4195 CVE-2022-4906 CVE-2022-4907}
 	[bullseye] - chromium 108.0.5359.71-2~deb11u1
 [01 Dec 2022] DSA-5292-1 snapd - security update
 	{CVE-2022-3328}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aeaf62207e6a84ff1c3853f48eafcdb363d26a0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aeaf62207e6a84ff1c3853f48eafcdb363d26a0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230801/19685452/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list