Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17c62346 by Salvatore Bonaccorso at 2021-11-12T21:20:08+01:00
Shorten some "in stable" and "in oldstable" wordings to
make it time persistent
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30384,7 +30384,7 @@ CVE-2021-31870 (An issue was discovered in klibc before
2.0.9. Multiplication in
CVE-2020-36332 (A flaw was found in libwebp in versions before 1.0.1. When
reading a f ...)
{DSA-4930-1}
- libwebp 0.6.1-2.1
- [stretch] - libwebp <ignored> (Patch is too destructive to implement it
in oldstable. Minor issue)
+ [stretch] - libwebp <ignored> (Patch is too destructive to implement
it; Minor issue)
NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=391
NOTE:
https://chromium.googlesource.com/webm/libwebp/+/39cb9aad85ca7bb1d193013460db1f8cc6bff109
CVE-2020-36331 (A flaw was found in libwebp in versions before 1.0.1. An
out-of-bounds ...)
@@ -85513,14 +85513,14 @@ CVE-2020-22044 (A Denial of Service vulnerability
exists in FFmpeg 4.2 due to a
NOTE: Negligible security impact
CVE-2020-22043 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to
a memory ...)
- ffmpeg 7:4.3-2 (unimportant)
- [stretch] - ffmpeg <ignored> (Patch is too destructive to implement it
in oldstable. Minor issue)
+ [stretch] - ffmpeg <ignored> (Patch is too destructive to implement it;
Minor issue)
NOTE: https://trac.ffmpeg.org/ticket/8284
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b288a7eb3d963a175e177b6219c8271076ee8590
NOTE: Negligible security impact
CVE-2020-22042 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to
a memory ...)
{DSA-4998-1}
- ffmpeg 7:4.4-5 (unimportant)
- [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly in
oldstable. Minor issue)
+ [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor
issue)
NOTE: https://trac.ffmpeg.org/ticket/8267
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=426c16d61a9b5056a157a1a2a057a4e4d13eef84
CVE-2020-22041 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to
a memory ...)
@@ -85529,12 +85529,12 @@ CVE-2020-22041 (A Denial of Service vulnerability
exists in FFmpeg 4.2 due to a
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3488e0977c671568731afa12b811adce9d4d807f
CVE-2020-22040 (A Denial of Service vulnerability exists in FFmpeg 4.2 idue to
a memor ...)
- ffmpeg 7:4.3-2 (unimportant)
- [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly in
oldstable. Minor issue)
+ [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor
issue)
NOTE: https://trac.ffmpeg.org/ticket/8283
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1a0c584abc9709b1d11dbafef05d22e0937d7d19
CVE-2020-22039 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to
a memory ...)
- ffmpeg 7:4.3-2 (unimportant)
- [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly in
oldstable. Minor issue)
+ [stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor
issue)
NOTE: https://trac.ffmpeg.org/ticket/8302
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a581bb66ea5eb981e2e498ca301df7d1ef15a6a3
CVE-2020-22038 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to
a memory ...)
@@ -260113,9 +260113,9 @@ CVE-2017-15043 (A vulnerability in Sierra Wireless
AirLink GX400, GX440, ES440,
CVE-2017-15042 (An unintended cleartext issue exists in Go before 1.8.4 and
1.9.x befo ...)
- golang-1.9 1.9.1-1
- golang-1.8 1.8.4-1
- [stretch] - golang-1.8 <ignored> (Minor issue, would require rebuilds
of affected go-based packages in stable)
+ [stretch] - golang-1.8 <ignored> (Minor issue, would require rebuilds
of affected go-based packages)
- golang-1.7 <removed>
- [stretch] - golang-1.7 <ignored> (Minor issue, would require rebuilds
of affected go-based packages in stable)
+ [stretch] - golang-1.7 <ignored> (Minor issue, would require rebuilds
of affected go-based packages)
- golang <removed>
[jessie] - golang <ignored> (Minor issue, would require rebuilds of
affected go packages in oldstable)
[wheezy] - golang <not-affected> (Vulnerable code introduced later in
version 1.1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17c62346c8497622c71a1e674f83aef82ce7d64d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17c62346c8497622c71a1e674f83aef82ce7d64d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
