Author: jmm
Date: 2017-11-27 17:31:35 +0000 (Mon, 27 Nov 2017)
New Revision: 58048
Modified:
data/CVE/list
Log:
remove postponed entries for ffmpeg, next DSA will fix those
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-27 09:10:15 UTC (rev 58047)
+++ data/CVE/list 2017-11-27 17:31:35 UTC (rev 58048)
@@ -1575,7 +1575,6 @@
NOT-FOR-US: LanSweeper
CVE-2017-16840 (The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote
...)
- ffmpeg <unfixed>
- [stretch] - ffmpeg <postponed> (Can be fixed with next 3.2.x release)
NOTE:
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74
CVE-2017-16839
RESERVED
@@ -4759,7 +4758,6 @@
RESERVED
CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg
3.3.4 and ...)
- ffmpeg 7:3.4-1
- [stretch] - ffmpeg <postponed> (Wait until next round of security
releases)
- libav <undetermined>
NOTE: Fixed by:
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904
CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or
libc6) ...)
@@ -6054,7 +6052,6 @@
NOTE:
https://github.com/Cacti/cacti/commit/4f87256e63859117f81d2a2bd40c9c730e39b65d
CVE-2017-15186 (Double free vulnerability in FFmpeg 3.3.4 and earlier allows
remote ...)
- ffmpeg 7:3.4-1
- [stretch] - ffmpeg <postponed> (Wait until next round of security
releases)
- libav <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2017/10/20/4
NOTE:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/df62b70de8aaa285168e72fe8f6e740843ca91fa
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
