summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoritz Muehlenhoff <jmm@debian.org>2020-07-07 20:08:23 +0200
committerMoritz Muehlenhoff <jmm@debian.org>2020-07-07 20:08:23 +0200
commit401821e558bf43a919d0c6fd60197f9ce6921ede (patch)
tree4a081a066b132918c6f21087e3f0b37332c03317
parent40fd106f911d0e6be546bdfc8e8c6cf7c2e03f21 (diff)
ffmpeg updates
-rw-r--r--data/CVE/list6
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list
index aae4d22284..5ae9bdd9bb 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3248,7 +3248,10 @@ CVE-2020-14213 (In Zammad before 3.3.1, a Customer has ticket access that should
- zammad <itp> (bug #841355)
CVE-2020-14212 (FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in ...)
- ffmpeg <unfixed>
+ [buster] - ffmpeg <not-affected> (Vulnerable code not present)
+ [stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://trac.ffmpeg.org/ticket/8716
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b3bd001ac1745d9d008a2d195817df57d7d1d14
CVE-2020-14211
RESERVED
CVE-2020-14210 (MONITORAPP AIWAF-VE and AIWAF-4000 through 2020-06-16 allow reflected ...)
@@ -45142,7 +45145,6 @@ CVE-2019-17543 (LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32
CVE-2019-17542 (FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk ...)
{DLA-2021-1}
- ffmpeg 7:4.2.1-1
- [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2
@@ -45170,7 +45172,6 @@ CVE-2019-17540 (ImageMagick before 7.0.8-54 has a heap-based buffer overflow in
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4ba4dc73b7e38bb66c57d457f17ab4aeb9b6bbdc
CVE-2019-17539 (In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NUL ...)
- ffmpeg 7:4.2.1-1 (low)
- [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
- libav <removed> (low)
[jessie] - libav <not-affected> (Vulnerable code introduced in v12.x)
@@ -59007,7 +59008,6 @@ CVE-2019-13391 (In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier
NOTE: which seems to be the actual patch for this issue.
CVE-2019-13390 (In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in l ...)
- ffmpeg 7:4.2.1-1 (low; bug #932535)
- [buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
NOTE: https://trac.ffmpeg.org/ticket/7979
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=aef24efb0c1e65097ab77a4bf9264189bdf3ace3

© 2014-2024 Faster IT GmbH | imprint | privacy policy