[Git][security-tracker-team/security-tracker][master] CVE-2022-3109,CVE-2022-3341/ffmpeg: update buster status

Sylvain Beucler (@beuc) beuc at debian.org
Tue Jun 13 09:15:25 BST 2023 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
411dee3e by Sylvain Beucler at 2023-06-13T10:15:08+02:00
CVE-2022-3109,CVE-2022-3341/ffmpeg: update buster status

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54548,9 +54548,9 @@ CVE-2022-3342
 CVE-2022-3341 (A null pointer dereference issue was discovered in 'FFmpeg' in decode_ ...)
 	- ffmpeg 7:5.1-1
 	[bullseye] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.3.x)
-	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2157054
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e (n5.1)
+	NOTE: https://github.com/FFmpeg/FFmpeg/commit/08f0a18c3488b2fb8297ebba3684792da8a6606e (n4.1.11)
 CVE-2022-3340 (XML External Entity (XXE) vulnerability in Trellix IPS Manager prior t ...)
 	NOT-FOR-US: Trellix IPS Manager
 CVE-2022-3339 (A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5 ...)
@@ -59074,8 +59074,8 @@ CVE-2022-3110 (An issue was discovered in the Linux kernel through 5.16-rc6. _rt
 CVE-2022-3109 (An issue was discovered in the FFmpeg package, where vp3_decode_frame  ...)
 	{DSA-5394-1}
 	- ffmpeg 7:5.1-1
-	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568 (n5.1)
+	NOTE: https://github.com/FFmpeg/FFmpeg/commit/51efa68ec0b4f42b5b124b8987fb68f60a929c4f (n4.1.11)
 CVE-2022-3108 (An issue was discovered in the Linux kernel through 5.16-rc6. kfd_pars ...)
 	- linux 5.16.7-1
 	NOTE: https://git.kernel.org/linus/abfaf0eee97925905e742aa3b0b72e04a918fa9e (5.17-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/411dee3ef9f1f24c3ebe6548afa62d4ce31c72fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/411dee3ef9f1f24c3ebe6548afa62d4ce31c72fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230613/2cccc211/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list