diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-07 20:08:23 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-07 20:08:23 +0200 |
commit | 0bfa67aaf55cfe99591bf30aca3eb3cbd3784e54 (patch) | |
tree | 1d628202b478c325423887c16d4d231f7107b6aa | |
parent | 54198282390d994d8030aa43d10468425dafbaf0 (diff) |
ffmpeg updates
-rw-r--r-- | data/CVE/list.2019 | 3 | ||||
-rw-r--r-- | data/CVE/list.2020 | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 0fb59b5951..4bc27d213b 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -8449,7 +8449,6 @@ CVE-2019-17543 (LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 CVE-2019-17542 (FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk ...) {DLA-2021-1} - ffmpeg 7:4.2.1-1 - [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch) [stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch) - libav <removed> NOTE: https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2 @@ -8477,7 +8476,6 @@ CVE-2019-17540 (ImageMagick before 7.0.8-54 has a heap-based buffer overflow in NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4ba4dc73b7e38bb66c57d457f17ab4aeb9b6bbdc CVE-2019-17539 (In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NUL ...) - ffmpeg 7:4.2.1-1 (low) - [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch) [stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch) - libav <removed> (low) [jessie] - libav <not-affected> (Vulnerable code introduced in v12.x) @@ -19279,7 +19277,6 @@ CVE-2019-13391 (In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier NOTE: which seems to be the actual patch for this issue. CVE-2019-13390 (In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in l ...) - ffmpeg 7:4.2.1-1 (low; bug #932535) - [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch) [stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch) NOTE: https://trac.ffmpeg.org/ticket/7979 NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=aef24efb0c1e65097ab77a4bf9264189bdf3ace3 diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index cdeb26bcac..7288364754 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -2912,7 +2912,10 @@ CVE-2020-14213 (In Zammad before 3.3.1, a Customer has ticket access that should - zammad <itp> (bug #841355) CVE-2020-14212 (FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in ...) - ffmpeg <unfixed> + [buster] - ffmpeg <not-affected> (Vulnerable code not present) + [stretch] - ffmpeg <not-affected> (Vulnerable code not present) NOTE: https://trac.ffmpeg.org/ticket/8716 + NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b3bd001ac1745d9d008a2d195817df57d7d1d14 CVE-2020-14211 RESERVED CVE-2020-14210 (MONITORAPP AIWAF-VE and AIWAF-4000 through 2020-06-16 allow reflected ...) |