Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad372d31 by Moritz Muehlenhoff at 2024-04-22T15:10:49+02:00
new ffmpeg issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -363,19 +363,47 @@ CVE-2023-51791 (Buffer Overflow vulenrability in Ffmpeg
v.N113007-g8d24a28d06 al
CVE-2023-50260 (Wazuh is a free and open source platform used for threat
prevention, d ...)
NOT-FOR-US: Wazuh
CVE-2023-50010 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ [experimental] - ffmpeg 7:7.0-1
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE: https://trac.ffmpeg.org/ticket/10702
+ NOTE:
https://github.com/FFmpeg/FFmpeg/commit/e4d2666bdc3dbd177a81bbf428654a5f2fa3787a
(n7.0)
CVE-2023-50009 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ [experimental] - ffmpeg 7:7.0-1
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE:
https://github.com/FFmpeg/FFmpeg/commit/c443658d26d2b8e19901f9507a890e0efca79056
(n7.0)
+ NOTE: https://trac.ffmpeg.org/ticket/10699
CVE-2023-50008 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ [experimental] - ffmpeg 7:7.0-1
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE:
https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b
(n7.0)
+ NOTE: https://trac.ffmpeg.org/ticket/10701
CVE-2023-50007 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ [experimental] - ffmpeg 7:7.0-1
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE:
https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47
(n7.0)
+ NOTE: https://trac.ffmpeg.org/ticket/10700
CVE-2023-49963 (DYMO LabelWriter Print Server through 2.366 contains a
backdoor hard-c ...)
NOT-FOR-US: DYMO LabelWriter Print Server
CVE-2023-49502 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ [experimental] - ffmpeg 7:7.0-1
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE:
https://github.com/FFmpeg/FFmpeg/commit/737ede405b11a37fdd61d19cf25df296a0cb0b75
(n7.0)
+ NOTE: https://trac.ffmpeg.org/ticket/10688
CVE-2023-49501 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5
allows a ...)
- TODO: check
+ - ffmpeg <unfixed>
+ [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
+ [bullseye] - ffmpeg <postponed> (Pick up when fixed in 4.3.x)
+ NOTE: https://trac.ffmpeg.org/ticket/10686
CVE-2023-49275 (Wazuh is a free and open source platform used for threat
prevention, d ...)
NOT-FOR-US: Wazuh
CVE-2023-47435 (An issue in the verifyPassword function of hexo-theme-matery
v2.0.0 al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad372d31aeb4c0cd6b8d198a07a6079779c3cfc2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad372d31aeb4c0cd6b8d198a07a6079779c3cfc2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
