Hi! begin quotation from Debian Bug Tracking System (in <handler.717009.d717009.138119152026841.notifd...@bugs.debian.org>): > This is an automatic notification regarding your Bug report > which was filed against the libavcodec53 package: > > #717009: libavcodec53: CVEs CVE-2013-0844 to CVE-2013-0874, CVE-2013-3670, > CVE-2013-3672, CVE-2013-3674 > > It has been closed by Reinhard Tartler <siret...@tauware.de>. > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Reinhard Tartler > <siret...@tauware.de> by > replying to this email.
some of these still do not seem fixed to me... > Date: Tue, 16 Jul 2013 02:14:18 +0200 > From: Arne Wichmann <a...@linux.de> > To: Debian Bug Tracking System <sub...@bugs.debian.org> > Subject: libavcodec53: CVEs CVE-2013-0844 to CVE-2013-0874, CVE-2013-3670, > CVE-2013-3672, CVE-2013-3674 > X-Mailer: reportbug 6.4.4 Namely the following: > CVE-2013-0845 > CVE-2013-0851 > CVE-2013-0852 > CVE-2013-0868 > CVE-2013-3670 looks valid - libav commits given in security tracker fix > different things AFAICS > CVE-2013-3672 > CVE-2013-3674 Are these irrelevant for libav? Furthermore: > CVE-2013-0848 - I was not able to find the problem in libav > CVE-2013-0860 - I was not able to find the problem in libav Can I consider these fixed? And finally - is there a chance that we get a fixed version for stable, too? cu AW -- [...] If you don't want to be restricted, don't agree to it. If you are coerced, comply as much as you must to protect yourself, just don't support it. Noone can free you but yourself. (crag, on Debian Planet) Arne Wichmann (a...@linux.de)
signature.asc
Description: Digital signature
