Author: jmm
Date: 2014-02-05 16:00:20 +0000 (Wed, 05 Feb 2014)
New Revision: 25528
Modified:
data/CVE/list
Log:
libav triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-05 15:19:56 UTC (rev 25527)
+++ data/CVE/list 2014-02-05 16:00:20 UTC (rev 25528)
@@ -2627,6 +2627,7 @@
- libav <unfixed>
- ffmpeg <removed>
NOTE: Fix in ffmpeg:
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
+ NOTE: Fix in libav:
http://git.libav.org/?p=libav.git;a=commit;h=82b9799bb211ecd117171115e4a8b832c4942314
CVE-2012-6616 (The mov_text_decode_frame function in libavcodec/movtextdec.c
in ...)
- libav <not-affected> (Vulnerable code not present in libav)
- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
@@ -20787,11 +20788,11 @@
NOTE: Fix in ffmpeg:
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fd4f4923cce6a2cbf4f48640b4ac706e614a1594
NOTE: Fix in libav:
http://git.libav.org/?p=libav.git;a=commit;h=78aa2ed620178044a227fbbe48f749c0dc86023f
CVE-2013-0855 (Integer overflow in the alac_decode_close function in ...)
- - ffmpeg <removed>
+ - ffmpeg <not-affected> (0.5 series not affected)
- libav 6:9.9-1 (bug #717009)
+ [wheezy] - libav <not-affected> (0.8 series not affected)
NOTE: Fix in ffmpeg:
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3920d1387834e2bc334aff9f518f4beb24e470bd
NOTE: Fix in libav:
http://git.libav.org/?p=libav.git;a=commit;h=f7c5883126f9440547933eefcf000aa78af4821c
- NOTE: Needed in ffmpeg 0.5
CVE-2013-0854 (The mjpeg_decode_scan_progressive_ac function in
libavcodec/mjpegdec.c ...)
{DSA-2793-1}
- ffmpeg <removed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
