white at alioth.debian.org
2008-Nov-08 09:20 UTC
[Secure-testing-commits] r10344 - data/CVE
Author: white Date: 2008-11-08 09:20:21 +0000 (Sat, 08 Nov 2008) New Revision: 10344 Modified: data/CVE/list Log: gstreamer0.10-ffmpeg in lenny uses ffmpeg; one issue potentially affects etch Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-08 09:14:13 UTC (rev 10343) +++ data/CVE/list 2008-11-08 09:20:21 UTC (rev 10344) @@ -185,6 +185,7 @@ - ffmpeg-debian <unfixed> (bug #504977) - kino 1.0.0-1 [etch] - kino <not-affected> (Does not ship ffmpeg) + - gstreamer0.10-ffmpeg 0.10.3-2 TODO: check other code copies CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in ...) - ffmpeg-debian <not-affected> (Vulnerable code not present) @@ -193,6 +194,8 @@ [etch] - mplayer <not-affected> (Vulnerable code not present) - kino 1.0.0-1 [etch] - kino <not-affected> (Does not ship ffmpeg) + - gstreamer0.10-ffmpeg 0.10.3-2 + [etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...) - ffmpeg-debian 0.svn20080206-14 (bug #504977) @@ -201,6 +204,8 @@ [etch] - mplayer <not-affected> (Vulnerable code not present) - kino 1.0.0-1 [etch] - kino <not-affected> (Does not ship ffmpeg) + - gstreamer0.10-ffmpeg 0.10.3-2 + [etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 ...) - ffmpeg-debian 0.svn20080206-14 (bug #504977) @@ -208,6 +213,8 @@ - mplayer 1.0~rc2-14 - kino 1.0.0-1 [etch] - kino <not-affected> (Does not ship ffmpeg) + - gstreamer0.10-ffmpeg 0.10.3-2 + [etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present) TODO: check other code copies CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...) TODO: check