diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-06-02 17:12:13 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-06-02 17:12:13 +0200 |
commit | e4cdf249b62391ed660cdd1046de688551c03a6f (patch) | |
tree | cf8688fa7e237efab75b0fbb5b60863a7b2d2eb2 /data/CVE/list.2015 | |
parent | c36f39e59fe3e7d7db0e71bb2729f15df5a7cb61 (diff) |
Switch several git.videolan.org references to access via https
Diffstat (limited to 'data/CVE/list.2015')
-rw-r--r-- | data/CVE/list.2015 | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/data/CVE/list.2015 b/data/CVE/list.2015 index b7691d6841..a9dbffbb59 100644 --- a/data/CVE/list.2015 +++ b/data/CVE/list.2015 @@ -2715,7 +2715,7 @@ CVE-2015-8663 (The ff_get_buffer function in libavcodec/utils.c in FFmpeg before - ffmpeg 7:2.8.4-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf NOTE: For libav in jessie the patch needs to applied in libavcodec/decode.c in line 1884. CVE-2015-8662 (The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg befor ...) {DLA-1611-1} @@ -2723,13 +2723,13 @@ CVE-2015-8662 (The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5 CVE-2015-8661 (The h264_slice_header_init function in libavcodec/h264_slice.c in FFmp ...) {DLA-1611-1} - ffmpeg 7:2.8.3-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5 CVE-2015-8658 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...) NOT-FOR-US: Adobe Flash Player CVE-2015-8657 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...) @@ -3750,7 +3750,7 @@ CVE-2015-8365 (The smka_decode_frame function in libavcodec/smacker.c in FFmpeg - ffmpeg 7:2.8.3-1 (bug #806519) [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4a9af07a49295e014b059c1ab624c40345af5892 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=4a9af07a49295e014b059c1ab624c40345af5892 NOTE: fix for the libav 11.9 branch: https://git.libav.org/?p=libav.git;a=commit;h=v11.9-5-g88762a0 NOTE: fix for the libav 0.8 branch: https://git.libav.org/?p=libav.git;a=commit;h=9fba59f471725e5235d5378e795ebf8b59472817 CVE-2015-8364 (Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi. ...) @@ -3758,14 +3758,14 @@ CVE-2015-8364 (Integer overflow in the ff_ivi_init_planes function in libavcodec - ffmpeg 7:2.8.3-1 (bug #806519) [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066 CVE-2015-8363 (The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in ...) {DLA-1611-1} - ffmpeg 7:2.8.3-1 (bug #806519) [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2 CVE-2015-8362 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices b ...) NOT-FOR-US: Harman AMX CVE-2015-8361 (Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.1 ...) @@ -8067,44 +8067,44 @@ CVE-2015-6826 (The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a CVE-2015-6825 (The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFm ...) {DLA-1611-1} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> [wheezy] - libav <not-affected> (Vulnerable code not present) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626 CVE-2015-6824 (The sws_init_context function in libswscale/utils.c in FFmpeg before 2 ...) {DLA-1611-2} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111 CVE-2015-6823 (The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2. ...) {DLA-1611-2} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7068bf277a37479aecde2832208d820682b35e6 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7068bf277a37479aecde2832208d820682b35e6 CVE-2015-6822 (The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7 ...) {DLA-1611-2 DLA-1611-1} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4 CVE-2015-6821 (The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg be ...) {DLA-1611-1} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1 CVE-2015-6820 (The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7. ...) {DLA-1611-1} - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3 CVE-2015-6819 (Multiple integer underflows in the ff_mjpeg_decode_frame function in l ...) - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) @@ -8114,7 +8114,7 @@ CVE-2015-6818 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg b - ffmpeg 7:2.7.2-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91 NOTE: For libav in jessie, the patch needs to go into the decode_frame() function in libavcodec/pngdec.c CVE-2015-6814 RESERVED @@ -8439,7 +8439,7 @@ CVE-2015-6761 (The update_dimensions function in libavcodec/vp8.c in FFmpeg thro NOTE: https://code.google.com/p/chromium/issues/detail?id=532967 NOTE: Starting with 44.0.2403.157-1 chromium uses the ffmpeg system copy NOTE: It looks like this relates to multithreaded decoding of VPx codecs, which is not implemented in the squeeze version. But I'm not sure as the second bug report is still private. - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=dabea74d0e82ea80cd344f630497cafcb3ef872c + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=dabea74d0e82ea80cd344f630497cafcb3ef872c CVE-2015-6760 (The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGL ...) {DSA-3376-1} - chromium-browser 46.0.2490.71-1 @@ -21907,7 +21907,7 @@ CVE-2015-1872 (The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmp [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> [wheezy] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA) - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037 CVE-2015-1871 RESERVED CVE-2015-1870 (The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-re ...) @@ -24063,12 +24063,12 @@ CVE-2015-1209 (Use-after-free vulnerability in the VisibleSelection::nonBoundary [squeeze] - chromium-browser <end-of-life> CVE-2015-1208 (Integer underflow in the mov_read_default function in libavformat/mov. ...) - ffmpeg 7:2.5.3-1 - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3ebd76a9c57558e284e94da367dd23b435e6a6d0 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3ebd76a9c57558e284e94da367dd23b435e6a6d0 CVE-2015-1207 (Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chr ...) {DLA-1654-1} - ffmpeg 7:2.6.1-1 - libav <removed> - NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3859868c75313e318ebc5d0d33baada62d45dd75 + NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=3859868c75313e318ebc5d0d33baada62d45dd75 CVE-2015-1206 (Heap-based buffer overflow in Google Chrome before M40 allows remote a ...) - chromium-browser 40.0.2214.91-1 [wheezy] - chromium-browser <end-of-life> |