white at alioth.debian.org
2008-Nov-08 08:58 UTC
[Secure-testing-commits] r10341 - data/CVE
Author: white Date: 2008-11-08 08:58:09 +0000 (Sat, 08 Nov 2008) New Revision: 10341 Modified: data/CVE/list Log: Fill bugreport for ffmpeg-debian; mark mplayer package as fixed by version using ffmpeg Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-08 08:37:49 UTC (rev 10340) +++ data/CVE/list 2008-11-08 08:58:09 UTC (rev 10341) @@ -182,19 +182,23 @@ NOTE: by default this file doesnt containt sensitive information and administrator NOTE: changing this should ensure on its own that the mode is secure CVE-2008-4869 (FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers ...) - TODO: check + - ffmpeg-debian <unfixed> (bug #504977) + TODO: check other code copies CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...) - ffmpeg-debian <not-affected> (Vulnerable code not present) [etch] - ffmpeg <not-affected> (Vulnerable code not present) + - mplayer 1.0~rc2-14 [etch] - mplayer <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...) - - ffmpeg-debian 0.svn20080206-14 + - ffmpeg-debian 0.svn20080206-14 (bug #504977) + - mplayer 1.0~rc2-14 [etch] - ffmpeg <not-affected> (Vulnerable code not present) [etch] - mplayer <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...) - - ffmpeg-debian 0.svn20080206-14 + - ffmpeg-debian 0.svn20080206-14 (bug #504977) + - mplayer 1.0~rc2-14 [etch] - ffmpeg <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...)