[Git][security-tracker-team/security-tracker][master] ffmpeg DSA

Sun Dec 7 16:13:14 GMT 2025


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
590fac7f by Moritz Mühlenhoff at 2025-12-07T17:12:18+01:00
ffmpeg DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -96202,7 +96202,6 @@ CVE-2025-25474 (DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow vi
 	NOTE: Fixed by: https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847
 CVE-2025-25473 (FFmpeg git master before commit c08d30 was discovered to contain a NUL ...)
 	- ffmpeg <unfixed>
-	[trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 7.1 branch)
 	[bookworm] - ffmpeg <not-affected> (Vulnerable code introduced later; ff_flush_packet_queue() is always called)
 	[bullseye] - ffmpeg <not-affected> (Vulnerable code introduced later; ff_flush_packet_queue() is always called)
 	NOTE: https://trac.ffmpeg.org/ticket/11419


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Dec 2025] DSA-6073-1 ffmpeg - security update
+	{CVE-2025-25473}
+	[trixie] - ffmpeg 7:7.1.3-0+deb13u1
 [04 Dec 2025] DSA-6072-1 chromium - security update
 	{CVE-2025-13630 CVE-2025-13631 CVE-2025-13632 CVE-2025-13633 CVE-2025-13634 CVE-2025-13635 CVE-2025-13636 CVE-2025-13637 CVE-2025-13638 CVE-2025-13639 CVE-2025-13640 CVE-2025-13720 CVE-2025-13721}
 	[bookworm] - chromium 143.0.7499.40-1~deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590fac7f6018ca57256c3f5cdeb84741ccbd7af8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590fac7f6018ca57256c3f5cdeb84741ccbd7af8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251207/51fb9598/attachment.htm>
