[Git][security-tracker-team/security-tracker][master] new ffmpeg issue

Tue Oct 28 07:33:33 GMT 2025


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dd5d65d8 by Moritz Muehlenhoff at 2025-10-28T08:33:08+01:00
new ffmpeg issue

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2025-12343
+	- ffmpeg <unfixed>
+	[bookworm] - ffmpeg <not-affected> (Vulnerable code not present)
+	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/b8d5f65b9e89d893f27cf00799dbc15fc0ca2f8e (master)
+	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/729dd9b2865bedd6a8160ef574db0d391c491bee (n7.1.2)
+	NOTE: Introduced by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/af052f9066a14ab633ef8e0bda49a432771efe74 (n6.1)
 CVE-2025-9164 (Docker Desktop Installer.exe is vulnerable to DLL hijacking due to ins ...)
 	NOT-FOR-US: Docker products not packaged in Debian
 CVE-2025-8432 (Incorrect Default Permissions vulnerability in Centreon Infra Monitori ...)


=====================================
data/DSA/list
=====================================
@@ -129,7 +129,7 @@
 	{CVE-2025-21751 CVE-2025-22103 CVE-2025-22113 CVE-2025-22124 CVE-2025-22125 CVE-2025-23133 CVE-2025-38272 CVE-2025-38306 CVE-2025-38453 CVE-2025-38502 CVE-2025-38556 CVE-2025-38676 CVE-2025-38677 CVE-2025-38730 CVE-2025-38732 CVE-2025-38733 CVE-2025-38734 CVE-2025-38735 CVE-2025-38736 CVE-2025-38737 CVE-2025-39673 CVE-2025-39675 CVE-2025-39676 CVE-2025-39679 CVE-2025-39681 CVE-2025-39682 CVE-2025-39683 CVE-2025-39684 CVE-2025-39685 CVE-2025-39686 CVE-2025-39687 CVE-2025-39689 CVE-2025-39691 CVE-2025-39692 CVE-2025-39693 CVE-2025-39694 CVE-2025-39695 CVE-2025-39697 CVE-2025-39698 CVE-2025-39700 CVE-2025-39701 CVE-2025-39702 CVE-2025-39703 CVE-2025-39705 CVE-2025-39706 CVE-2025-39707 CVE-2025-39709 CVE-2025-39710 CVE-2025-39711 CVE-2025-39712 CVE-2025-39713 CVE-2025-39714 CVE-2025-39715 CVE-2025-39716 CVE-2025-39718 CVE-2025-39719 CVE-2025-39720 CVE-2025-39721 CVE-2025-39722 CVE-2025-39723 CVE-2025-39724 CVE-2025-39759 CVE-2025-39765 CVE-2025-39766 CVE-2025-39767 CVE-2025-39770 CVE-2025-39772 CVE-2025-39773 CVE-2025-39776 CVE-2025-39779 CVE-2025-39780 CVE-2025-39781 CVE-2025-39782 CVE-2025-39783 CVE-2025-39787 CVE-2025-39788 CVE-2025-39790 CVE-2025-39791 CVE-2025-39800 CVE-2025-39801 CVE-2025-39805 CVE-2025-39806 CVE-2025-39807 CVE-2025-39808 CVE-2025-39810 CVE-2025-39811 CVE-2025-39812 CVE-2025-39813 CVE-2025-39815 CVE-2025-39817 CVE-2025-39819 CVE-2025-39823 CVE-2025-39824 CVE-2025-39825 CVE-2025-39826 CVE-2025-39827 CVE-2025-39828 CVE-2025-39829 CVE-2025-39831 CVE-2025-39832 CVE-2025-39835 CVE-2025-39836 CVE-2025-39838 CVE-2025-39839 CVE-2025-39841 CVE-2025-39842 CVE-2025-39843 CVE-2025-39844 CVE-2025-39845 CVE-2025-39846 CVE-2025-39847 CVE-2025-39848 CVE-2025-39849 CVE-2025-39850 CVE-2025-39851 CVE-2025-39852 CVE-2025-39853 CVE-2025-39854 CVE-2025-39857 CVE-2025-39860 CVE-2025-39861 CVE-2025-39863 CVE-2025-39864 CVE-2025-39865 CVE-2025-39866 CVE-2025-40300}
 	[trixie] - linux 6.12.48-1
 [21 Sep 2025] DSA-6007-1 ffmpeg - security update
-	{CVE-2025-1594 CVE-2025-7700 CVE-2025-10256 CVE-2025-59731 CVE-2025-59732 CVE-2025-59733}
+	{CVE-2025-1594 CVE-2025-7700 CVE-2025-10256 CVE-2025-59731 CVE-2025-59732 CVE-2025-59733 CVE-2025-12343}
 	[trixie] - ffmpeg 7:7.1.2-0+deb13u1
 [19 Sep 2025] DSA-6006-1 jetty12 - security update
 	{CVE-2025-5115}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd5d65d840e23d04744f0c8448dd09e61bfc26c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd5d65d840e23d04744f0c8448dd09e61bfc26c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251028/a183ef95/attachment-0001.htm>
