[Git][security-tracker-team/security-tracker][master] new ffmpeg issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 7 08:40:42 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
15415738 by Moritz Muehlenhoff at 2025-01-07T09:40:12+01:00
new ffmpeg issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -394,11 +394,14 @@ CVE-2024-12996
 CVE-2024-12970 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
 	NOT-FOR-US: TUBITAK BILGEM Pardus OS My Computer
 CVE-2023-6605 (A flaw was found in FFmpeg's DASH playlist support. This vulnerability ...)
-	TODO: check
+	- ffmpeg <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334336
 CVE-2023-6604 (A flaw was found in FFmpeg. This vulnerability allows unexpected addit ...)
-	TODO: check
+	- ffmpeg <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334337
 CVE-2023-6601 (A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows by ...)
-	TODO: check
+	- ffmpeg <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2253172
 CVE-2024-56769 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.12.8-1
 	[bookworm] - linux 6.1.123-1
@@ -1582,11 +1585,9 @@ CVE-2023-48775 (Missing Authorization vulnerability in Gfazioli WP Cleanfix allo
 CVE-2023-6603 (A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability  ...)
 	- ffmpeg <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334335
-	TODO: check upstream status
 CVE-2023-6602 (A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows po ...)
 	- ffmpeg <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334338
-	TODO: check upstream status
 CVE-2024-45497 (A flaw was found in the OpenShift build process, where the docker-buil ...)
 	NOT-FOR-US: OpenShift
 CVE-2024-13058 (An issue exists in SoftIron HyperCloud  where authenticated, but non-a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/154157382f98d6e172e938a1fefad2e448240707

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/154157382f98d6e172e938a1fefad2e448240707
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250107/05122430/attachment.htm>

More information about the debian-security-tracker-commits mailing list