diff options
author | Michael Gilbert <michael.s.gilbert@gmail.com> | 2011-02-01 05:05:46 +0000 |
---|---|---|
committer | Michael Gilbert <michael.s.gilbert@gmail.com> | 2011-02-01 05:05:46 +0000 |
commit | 2fa780476d054dbf488cda07709d1ff2b5fd0db5 (patch) | |
tree | 9ccbfd8276d7bb07a81f9e00c849b66f05c0ada6 | |
parent | d5f5e5f22d762ab890fef073b3c265f6e6526103 (diff) |
info on ffmpeg issues
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@16024 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index cc94729de2..b8c08139b7 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -109,11 +109,13 @@ CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth [lenny] - pam <no-dsa> (Minor issue) [squeeze] - pam <no-dsa> (Minor issue) CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...) - - ffmpeg <unfixed> (bug #611495) - - ffmpeg-debian <removed> + - ffmpeg <not-affected> (issue introduced in 0.6.x series; bug #611495) + - ffmpeg-debian <not-affected> (issue introduced in 0.6.x series) + NOTE: recheck when 0.6.x gets uploaded CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...) - - ffmpeg <unfixed> (bug #611495) - - ffmpeg-debian <removed> + - ffmpeg <unfixed> (low; bug #611495) + - ffmpeg-debian <removed> (low) + NOTE: this is a crash found by fuzzing and not clearly exploitable (can be combined with other fixes so low urgency) CVE-2010-XXXX - redmine 1.0.5-1 (bug #608397) NOTE: http://www.redmine.org/news/49 |