[Secure-testing-commits] r49927 - data/CVE

Wed, 22 Mar 2017 03:09:05 -0700 

Author: jmm
Date: 2017-03-22 10:08:26 +0000 (Wed, 22 Mar 2017)
New Revision: 49927

Modified:
   data/CVE/list
Log:
refs for unfixed libav bugs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-22 09:16:26 UTC (rev 49926)
+++ data/CVE/list       2017-03-22 10:08:26 UTC (rev 49927)
@@ -11887,18 +11887,22 @@
        - libav <removed> (unimportant)
        NOTE: 
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
        NOTE: 
https://github.com/asarubbo/poc/blob/master/00041-libav-leftshift-ituh263dec_c
+       NOTE: https://bugzilla.libav.org/show_bug.cgi?id=985
 CVE-2016-9825 (libswscale/utils.c in libav 11.8 allows remote attackers to 
cause a ...)
        - libav <removed> (unimportant)
        NOTE: 
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
        NOTE: 
https://github.com/asarubbo/poc/blob/master/00040-libav-leftshift-utils_c
+       NOTE: https://bugzilla.libav.org/show_bug.cgi?id=984
 CVE-2016-9824 (Integer overflow in libswscale/x86/swscale.c in libav 11.8 
allows ...)
        - libav <removed>
        NOTE: 
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
        NOTE: 
https://github.com/asarubbo/poc/blob/master/00039-libav-signedintoverflow-swscale_c
+       NOTE: https://bugzilla.libav.org/show_bug.cgi?id=983
 CVE-2016-9823 (libavcodec/x86/mpegvideo.c in libav 11.8 allows remote 
attackers to ...)
        - libav <removed>
        NOTE: 
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
        NOTE: 
https://github.com/asarubbo/poc/blob/master/00038-libav-uint8_t64-outofbounds-mpegvideo
+       NOTE: https://bugzilla.libav.org/show_bug.cgi?id=982
 CVE-2016-9822 (Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows 
remote ...)
        {DLA-791-1}
        - libav <removed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to