Author: jmm Date: 2017-01-31 22:18:37 +0000 (Tue, 31 Jan 2017) New Revision: 48635
Modified:
data/CVE/list
Log:
libav triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-31 21:13:45 UTC (rev 48634)
+++ data/CVE/list 2017-01-31 22:18:37 UTC (rev 48635)
@@ -7610,12 +7610,12 @@
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-_iprintf-outputtxt-c
CVE-2016-9826
RESERVED
- - libav <removed>
+ - libav <removed> (unimportant)
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00041-libav-leftshift-ituh263dec_c
CVE-2016-9825
RESERVED
- - libav <removed>
+ - libav <removed> (unimportant)
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00040-libav-leftshift-utils_c
CVE-2016-9824
@@ -7634,24 +7634,36 @@
- libav <removed>
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00037-libav-signedintoverflow-mpegvideo_parser
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33
(pre 11.9)
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0
(pre 11.9)
CVE-2016-9821
RESERVED
{DLA-791-1}
- libav <removed>
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00037-libav-signedintoverflow-mpegvideo_parser
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33
(pre 11.9)
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0
(pre 11.9)
CVE-2016-9820
RESERVED
{DLA-791-1}
- - libav <removed>
+ - libav <removed> (unimportant)
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00036-libav-leftshift-mpegvideo
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d
(pre 11.9)
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3
(pre 11.9)
CVE-2016-9819
RESERVED
{DLA-791-1}
- - libav <removed>
+ - libav <removed> (unimportant)
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00036-libav-leftshift-mpegvideo
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d
(pre 11.9)
+ NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3
(pre 11.9)
CVE-2016-9818
RESERVED
- xen 4.8.0-1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
