[Git][security-tracker-team/security-tracker][master] ffmpeg DSA

Sun, 07 Dec 2025 08:13:25 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
590fac7f by Moritz Mühlenhoff at 2025-12-07T17:12:18+01:00
ffmpeg DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -96202,7 +96202,6 @@ CVE-2025-25474 (DCMTK v3.6.9+ DEV was discovered to 
contain a buffer overflow vi
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847
 CVE-2025-25473 (FFmpeg git master before commit c08d30 was discovered to 
contain a NUL ...)
        - ffmpeg <unfixed>
-       [trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 7.1 branch)
        [bookworm] - ffmpeg <not-affected> (Vulnerable code introduced later; 
ff_flush_packet_queue() is always called)
        [bullseye] - ffmpeg <not-affected> (Vulnerable code introduced later; 
ff_flush_packet_queue() is always called)
        NOTE: https://trac.ffmpeg.org/ticket/11419


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Dec 2025] DSA-6073-1 ffmpeg - security update
+       {CVE-2025-25473}
+       [trixie] - ffmpeg 7:7.1.3-0+deb13u1
 [04 Dec 2025] DSA-6072-1 chromium - security update
        {CVE-2025-13630 CVE-2025-13631 CVE-2025-13632 CVE-2025-13633 
CVE-2025-13634 CVE-2025-13635 CVE-2025-13636 CVE-2025-13637 CVE-2025-13638 
CVE-2025-13639 CVE-2025-13640 CVE-2025-13720 CVE-2025-13721}
        [bookworm] - chromium 143.0.7499.40-1~deb12u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590fac7f6018ca57256c3f5cdeb84741ccbd7af8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590fac7f6018ca57256c3f5cdeb84741ccbd7af8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to