Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker
Commits: bd9d9707 by Mike Gabriel at 2019-08-31T21:49:05Z data/dla-needed.txt: re-add libav and re-claim it - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -57,6 +57,18 @@ imagemagick -- irssi (Mike Gabriel) -- +libav (Mike Gabriel) + NOTE: 20190831: There are currently 19 CVE issues known for libav in jessie, + NOTE: 20190831: 11 tagged as <no-dsa>. These issues have been triaged, no patch + NOTE: 20190831: has been found, so far. If you pick libav, be prepared to work + NOTE: 20190831: out what these patches might be. + NOTE: 20190831: What helps... Most issues have been resolved in ffmpeg, but + NOTE: 20190831: have not been referenced as such. The upstream bug reports + NOTE: 20190831: for libav have often been debugged very accurately, so that it is + NOTE: 20190831: possible to derive from the libav bug report which ffmpeg commit + NOTE: 20190831: might fix the issue. Furthermore, most libav bugs have PoCs, + NOTE: 20190831: so there is something one can test with and see if the fix worked. +-- libcommons-compress-java NOTE: 20190830: no patch reference found (sunweaver) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd9d9707bb4fafd56ef824ee6fb6ad9dda8e788b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd9d9707bb4fafd56ef824ee6fb6ad9dda8e788b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
