Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 74dc6d16 by security tracker role at 2019-03-31T08:10:55Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -40730,7 +40730,7 @@ CVE-2018-1999013 (FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 [jessie] - libav <not-affected> (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f CVE-2018-1999012 (FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains ...) - {DSA-4249-1} + {DSA-4249-1 DLA-1740-1} - ffmpeg 7:4.0.2-1 - libav <removed> NOTE: https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e @@ -63139,7 +63139,7 @@ CVE-2018-6394 (SQL Injection exists in the InviteX 3.0.5 component for Joomla! v CVE-2018-6393 (** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-17 ...) NOT-FOR-US: FreePBX CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg thro ...) - {DSA-4249-1} + {DSA-4249-1 DLA-1740-1} - ffmpeg 7:3.4.2-1 - libav <removed> NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5 @@ -67963,6 +67963,7 @@ CVE-2017-1000462 (BookStack version 0.18.4 is vulnerable to stored cross-site sc CVE-2017-1000461 (Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulne ...) - brave-browser <itp> (bug #864795) CVE-2017-1000460 (In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chr ...) + {DLA-1740-1} - libav <removed> - ffmpeg 7:3.1.1-1 NOTE: https://bugzilla.libav.org/show_bug.cgi?id=952 @@ -91543,7 +91544,7 @@ CVE-2017-14059 (In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an E [jessie] - libav <not-affected> (vulnerable code is not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/7e80b63ecd259d69d383623e75b318bf2bd491f6 CVE-2017-14058 (In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not ...) - {DSA-3996-1} + {DSA-3996-1 DLA-1740-1} - ffmpeg 7:3.3.4-1 (low) - libav <removed> NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a @@ -183323,7 +183324,7 @@ CVE-2015-1874 (Cross-site request forgery (CSRF) vulnerability in the Contact Fo CVE-2015-1873 RESERVED CVE-2015-1872 (The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg be ...) - {DLA-644-1} + {DLA-1740-1 DLA-644-1} - ffmpeg 7:2.5.4-1 [squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS) - libav <removed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/74dc6d16b9e414f8fcc659f6cca0a54354c671c9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/74dc6d16b9e414f8fcc659f6cca0a54354c671c9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits