diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-06-02 17:12:13 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-06-02 17:12:13 +0200 |
commit | e4cdf249b62391ed660cdd1046de688551c03a6f (patch) | |
tree | cf8688fa7e237efab75b0fbb5b60863a7b2d2eb2 /data/CVE/list.2014 | |
parent | c36f39e59fe3e7d7db0e71bb2729f15df5a7cb61 (diff) |
Switch several git.videolan.org references to access via https
Diffstat (limited to 'data/CVE/list.2014')
-rw-r--r-- | data/CVE/list.2014 | 42 |
1 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/list.2014 b/data/CVE/list.2014 index 5ef0fa04ef..dd1bf7f181 100644 --- a/data/CVE/list.2014 +++ b/data/CVE/list.2014 @@ -2430,12 +2430,12 @@ CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for - libav 6:11.3-1 (bug #775593) NOTE: Applies to 0.8, but in different file (utvideo.c) NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0ce3a0f9d9523a9bcad4c6d451ca5bbd7a4f420d - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5. ...) - ffmpeg 7:2.5.1-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd CVE-2014-9602 (libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits a ...) - ffmpeg 7:2.5.1-1 [squeeze] - ffmpeg <not-affected> (Vulnerable code not present) @@ -3456,23 +3456,23 @@ CVE-2014-9319 (The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FF - libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk) - ffmpeg 2.4.4-1 [squeeze] - ffmpeg <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ea38e5a6b75706477898eb1e6582d667dbb9946c + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=ea38e5a6b75706477898eb1e6582d667dbb9946c CVE-2014-9318 (The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, ...) - libav <not-affected> (Vulnerable code not present, format not supported) - ffmpeg 2.4.4-1 [squeeze] - ffmpeg <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1d3a3b9f8907625b361420d48fe05716859620ff + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=1d3a3b9f8907625b361420d48fe05716859620ff CVE-2014-9317 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before ...) {DLA-1611-1} - libav <removed> - ffmpeg 2.4.4-1 [squeeze] - ffmpeg <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8 CVE-2014-9316 (The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg befor ...) - libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk) - ffmpeg 2.4.4-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0eecf40935b22644e6cd74c586057237ecfd6844 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=0eecf40935b22644e6cd74c586057237ecfd6844 CVE-2014-9315 RESERVED CVE-2014-9314 @@ -5380,45 +5380,45 @@ CVE-2014-8549 (libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the [squeeze] - ffmpeg <not-affected> (Vulnerable code not present) - libav 6:11.2-1 (bug #773626) [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=550f3e9df3410b3dd975e590042c0d83e20a8da3 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=550f3e9df3410b3dd975e590042c0d83e20a8da3 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=cee4490b521fd0d02476d46aa2598af24fb8d686 CVE-2014-8548 (Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows rem ...) {DSA-3189-1} - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.2-1 (bug #773626) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c727401aa9d62335e89d118a5b4e202edf39d905 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=c727401aa9d62335e89d118a5b4e202edf39d905 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=d423dd72be451462c6fb1cbbe313bed0194001ab CVE-2014-8547 (libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute i ...) {DSA-3189-1} - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.2-1 (bug #773626) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f1457864be8fb9653643519dea1c6492f1dde57 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f1457864be8fb9653643519dea1c6492f1dde57 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0b39ac6f54505a538c21fe49a626de94c518c903 CVE-2014-8546 (Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allow ...) - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e7e5114c506957f40aafd794e06de1a7e341e9d5 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=e7e5114c506957f40aafd794e06de1a7e341e9d5 CVE-2014-8545 (libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-blac ...) - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6 CVE-2014-8544 (libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bi ...) {DSA-3189-1} - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.3-1 (bug #773626) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=ae5e1f3d663a8c9a532d89e588cbc61f171c9186 CVE-2014-8543 (libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all line ...) {DSA-3189-1} - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.2-1 (bug #773626) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=17ba719d9ba30c970f65747f42d5fbb1e447ca28 CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID dur ...) {DLA-1654-1} @@ -5426,14 +5426,14 @@ CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec I [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.2-1 (bug #773626) [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=105654e376a736d243aef4a1d121abebce912e6b + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=105654e376a736d243aef4a1d121abebce912e6b NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=88626e5af8d006e67189bf10b96b982502a7e8ad CVE-2014-8541 (libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension ...) - ffmpeg 7:2.4.3-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav 6:11.2-1 (bug #773626) [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5c378d6a6df8243f06c87962b873bd563e58cd39 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=5c378d6a6df8243f06c87962b873bd563e58cd39 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=809c3023b699c54c90511913d3b6140dd2436550 CVE-2014-8539 (Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 an ...) NOT-FOR-US: Simple Email @@ -7202,7 +7202,7 @@ CVE-2014-7937 (Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg be - libav <not-affected> (bug #785326; can't reproduce the issue) [jessie] - libav <not-affected> (Can't reproduce the issue) [wheezy] - libav <not-affected> (Can't reproduce the issue) - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c50704ebf1777bee76772c4835d9760b3721057 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c50704ebf1777bee76772c4835d9760b3721057 CVE-2014-7936 (Use-after-free vulnerability in the ZoomBubbleView::Close function in ...) - chromium-browser 40.0.2214.91-1 [wheezy] - chromium-browser <end-of-life> @@ -7223,7 +7223,7 @@ CVE-2014-7933 (Use-after-free vulnerability in the matroska_read_seek function i - ffmpeg 7:2.5.1-1 [squeeze] - ffmpeg <end-of-life> - libav 6:11.3-1 - NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682 + NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682 NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682 CVE-2014-7932 (Use-after-free vulnerability in the Element::detach function in core/d ...) - chromium-browser 40.0.2214.91-1 @@ -13348,13 +13348,13 @@ CVE-2014-5272 (libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2 - ffmpeg 7:2.4.1-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770 NOTE: <lu_zero> Does not apply to Libav at all. CVE-2014-5271 (Heap-based buffer overflow in the encode_slice function in libavcodec/ ...) - ffmpeg <not-affected> (Vulnerable code not present) - libav 6:11-1 [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803 NOTE: new ffmpeg now in experimental, CVE fixed in 7:2.4-1 NOTE: https://git.libav.org/?p=libav.git;a=commitdiff;h=45ce880a9b3e50cfa088f111dffaf8685bd7bc6b CVE-2014-5262 (SQL injection vulnerability in the graph settings script (graph_settin ...) @@ -14990,7 +14990,7 @@ CVE-2014-4611 (Integer overflow in the LZ4 algorithm implementation, as used in CVE-2014-4610 (Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg ...) - ffmpeg 7:2.4.1-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - NOTE: Fixed in http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f53be1743ee + NOTE: Fixed in https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f53be1743ee CVE-2014-4609 (Integer overflow in the get_len function in libavutil/lzo.c in Libav b ...) {DSA-2977-1} - libav 6:10.2-1 @@ -21218,7 +21218,7 @@ CVE-2014-2263 (The mpegts_write_pmt function in the MPEG2 transport stream (aka {DSA-3003-1} - ffmpeg 7:2.4.1-1 [squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=842b6c14bcfc1c5da1a2d288fd65386eb8c158ad + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=842b6c14bcfc1c5da1a2d288fd65386eb8c158ad - libav 6:10.4-1 NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257 CVE-2014-2262 (Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9 ...) |