[Git][security-tracker-team/security-tracker][master] Add upstream tag information for some ffmpeg references

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 18 22:45:55 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32ae551d by Salvatore Bonaccorso at 2024-04-18T23:45:11+02:00
Add upstream tag information for some ffmpeg references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -444,7 +444,7 @@ CVE-2024-31581 (FFmpeg version n6.1 was discovered to contain an improper valida
 	- ffmpeg <unfixed>
 	[bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
 	[bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
-	NOTE: Fixed by https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196
+	NOTE: Fixed by https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196 (n7.0)
 CVE-2024-31580 (PyTorch before v2.2.0 was discovered to contain a heap buffer overflow ...)
 	- pytorch <unfixed>
 	NOTE: https://github.com/pytorch/pytorch/commit/b5c3a17c2c207ebefcb85043f0cf94be9b2fef81
@@ -453,7 +453,7 @@ CVE-2024-31578 (FFmpeg version n6.1.1 was discovered to contain a heap use-after
 	- ffmpeg <unfixed>
 	[bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
 	[bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
-	NOTE: Fixed by https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7
+	NOTE: Fixed by https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7 (n7.0)
 CVE-2024-31463 (Ironic-image is an OpenStack Ironic deployment packaged and configured ...)
 	TODO: check
 CVE-2024-31041 (Null Pointer Dereference vulnerability in topic_filtern function in mq ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32ae551d8aeb5ede1a834951a057e3011ade994d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32ae551d8aeb5ede1a834951a057e3011ade994d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240418/c259ae5a/attachment.htm>

More information about the debian-security-tracker-commits mailing list