Author: jmm
Date: 2017-03-23 21:59:26 +0000 (Thu, 23 Mar 2017)
New Revision: 49979
Modified:
data/CVE/list
Log:
fix broken libvpx commits
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-23 21:10:13 UTC (rev 49978)
+++ data/CVE/list 2017-03-23 21:59:26 UTC (rev 49979)
@@ -41468,7 +41468,10 @@
CVE-2016-2465 (The Qualcomm video driver in Android before 2016-06-01 on Nexus
5, 5X, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-2464 (libvpx in libwebm in mediaserver in Android 4.x before 4.4.4,
5.0.x ...)
- - libvpx <not-affected> (Vulnerable source not present)
+ - libvpx 1.6.1-1
+ [jessie] - libvpx <not-affected> (libwebm not yet present)
+ [wheezy] - libvpx <not-affected> (libwebm not yet present)
+ NOTE: probably fixed earlier, but this was the version checked
CVE-2016-2463 (Multiple integer overflows in the h264dec component in
libstagefright ...)
NOT-FOR-US: libstagefright
CVE-2016-2462 (OpenSSLCipher.java in Conscrypt in Android 6.x before
2016-05-01 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
