Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
96a1e71b by Salvatore Bonaccorso at 2026-06-19T22:33:15+02:00
Add CVE-2026-12706/ffmpeg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122,7 +122,14 @@ CVE-2026-34192 (Software installed and run as a 
non-privileged user may conduct
 CVE-2026-21768 (The compose-rich-editor library (v1.0.0-rc14) used in HCL 
Verse for An ...)
        NOT-FOR-US: HCL
 CVE-2026-12706 (A use-after-free vulnerability was found in FFmpeg's RASC 
video decode ...)
-       TODO: check
+       - ffmpeg 7:8.1.1-1
+       [trixie] - ffmpeg 7:7.1.4-0+deb13u1
+       [bookworm] - ffmpeg 7:5.1.9-0+deb12u1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2490710
+       NOTE: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22992
+       NOTE: Fixed by: 
https://code.ffmpeg.org/FFmpeg/FFmpeg/commit/102c590a5f5c38fdbb2368672abda608727874dc
 (n8.1.1)
+       NOTE: Fixed by: 
https://code.ffmpeg.org/FFmpeg/FFmpeg/commit/969e4ddf34f36d93d9b1dbafc5fec44e0e08e494
 (n7.1.4)
+       NOTE: Fixed by: 
https://code.ffmpeg.org/FFmpeg/FFmpeg/commit/0db9de2219a46884777576a7a40037489be986b4
 (n5.1.9)
 CVE-2026-12622 (The GridTime 3000 GNSS Time Server has an open redirect 
vulnerability  ...)
        NOT-FOR-US: Microchip
 CVE-2026-12621 (Improper neutralization of input during web page generation 
XSS  vulne ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96a1e71bb5f5f10b565b24f450de452e545bfaad

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96a1e71bb5f5f10b565b24f450de452e545bfaad
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to