summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-04-03 15:48:56 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-04-03 15:48:56 +0200
commitc7b652eb1284ab1eef96bb553aa94ea2d2eb3384 (patch)
treed0547079673dd705f6aaebf5bf7c53f85bd78837
parenta1f09a3b49501c173ffabe9329ce52b3d5b46393 (diff)
Add information for CVE-2020-24995/ffmpeg
-rw-r--r--data/CVE/2020.list9
1 files changed, 8 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index e3175743e7..88cd9ceb97 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -13955,7 +13955,14 @@ CVE-2020-24996 (There is an invalid memory access in the function TextString::~T
- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028
CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...)
- TODO: check
+ - ffmpeg <undetermined>
+ NOTE: https://trac.ffmpeg.org/ticket/8845
+ NOTE: https://trac.ffmpeg.org/ticket/8859
+ NOTE: https://trac.ffmpeg.org/ticket/8860
+ NOTE: Support for 22.2 / channel_config 13 introduced in:
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468
+ NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f
+ TODO: check if issue introduced only when introducign support for Support for 22.2 / channel_config 13
CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...)
- libass 1:0.15.0-1
[buster] - libass <no-dsa> (Minor issue)

© 2014-2024 Faster IT GmbH | imprint | privacy policy