[Git][security-tracker-team/security-tracker][master] Add CVE-2026-40962 to DSA-6276-1

Fri May 15 22:30:58 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e75412bf by Salvatore Bonaccorso at 2026-05-15T23:30:24+02:00
Add CVE-2026-40962 to DSA-6276-1

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18579,7 +18579,6 @@ CVE-2026-41015 (radare2 before 9236f44, when configured on UNIX without SSL, all
 CVE-2026-40962 (FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds  ...)
 	{DSA-6268-1}
 	- ffmpeg 7:8.1-1
-	[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 5.1 branch)
 	[bullseye] - ffmpeg <postponed> (minor issue)
 	NOTE: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22348
 	NOTE: Fixed by: https://code.ffmpeg.org/FFmpeg/FFmpeg/commit/e392fb8c9c3949d975531d2b23c645d2465a7ebc (n8.1)


=====================================
data/DSA/list
=====================================
@@ -1,4 +1,5 @@
 [15 May 2026] DSA-6276-1 ffmpeg - security update
+	{CVE-2026-40962}
 	[bookworm] - ffmpeg 7:5.1.9-0+deb12u1
 [15 May 2026] DSA-6275-1 linux - security update
 	{CVE-2026-46333}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e75412bf966913033c262bb732156dff3ec225cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e75412bf966913033c262bb732156dff3ec225cd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260515/38eae4af/attachment.htm>
