jmm-guest at alioth.debian.org
2009-Jan-29 13:50 UTC
[Secure-testing-commits] r11093 - data/CVE
Author: jmm-guest
Date: 2009-01-29 13:50:34 +0000 (Thu, 29 Jan 2009)
New Revision: 11093
Modified:
data/CVE/list
Log:
- ffmpeg fixed, affects mplayer and ffmpeg in etch
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-01-29 09:14:17 UTC (rev 11092)
+++ data/CVE/list 2009-01-29 13:50:34 UTC (rev 11093)
@@ -1,3 +1,9 @@
+CVE-2009-XXXX [ffmpeg 4x issue]
+ - ffmpeg-debian 0.svn20080206-16
+ - ffmpeg <removed>
+ - mplayer 1.0~rc2-14
+ NOTE: MPlayer links against libavformat since 1.0~rc2-14, etch Mplayer still
needs a fix
+ NOTE:
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
CVE-2009-XXXX [file inclusion vuln in util/barcode.php and XSS in horde3]
- horde3 3.2.2+debian0-2 (bug #513265)
CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python
interpreter ...)
@@ -2461,7 +2467,7 @@
{DSA-1677-1}
- cups 1.3.8-1lenny4 (bug #507183; medium)
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- - geda-gnetlist <unfixed> (bug #506625; unimportant)
+ - geda-gnetlist 1:1.4.0-3 (bug #506625; unimportant)
NOTE: sch2eaglepos.sh only used as example script
CVE-2008-5248 (xine-lib before 1.1.15 allows remote attackers to cause a denial
of ...)
- xine-lib 1.1.14-3 (low)
@@ -7356,7 +7362,7 @@
CVE-2008-3231 (xine-lib before 1.1.15 allows remote attackers to cause a denial
of ...)
- xine-lib 1.1.14-2 (bug #492870; low)
CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause
a ...)
- - ffmpeg-debian <unfixed> (unimportant; bug #498764)
+ - ffmpeg-debian 0.svn20080206-16 (unimportant; bug #498764)
- ffmpeg <removed> (unimportant)
NOTE: Only a NULL pointer deference, hardly security relevant
CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply
certain ...)