Author: jmm Date: 2017-04-25 09:27:43 +0000 (Tue, 25 Apr 2017) New Revision: 51025
Modified: data/CVE/list Log: new chromium/ffmpeg issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-04-25 09:10:12 UTC (rev 51024) +++ data/CVE/list 2017-04-25 09:27:43 UTC (rev 51025) @@ -9390,15 +9390,35 @@ - chromium-browser 57.0.2987.133-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5051 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...) - TODO: check + - ffmpeg <unfixed> + - chromium-browser 44.0.2403.157-1 + [jessie] - chromium-browser <unfixed> + [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) + NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy CVE-2017-5050 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...) - TODO: check + - ffmpeg <unfixed> + - chromium-browser 44.0.2403.157-1 + [jessie] - chromium-browser <unfixed> + [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) + NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy CVE-2017-5049 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...) - TODO: check + - ffmpeg <unfixed> + - chromium-browser 44.0.2403.157-1 + [jessie] - chromium-browser <unfixed> + [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) + NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy CVE-2017-5048 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...) - TODO: check + - ffmpeg <unfixed> + - chromium-browser 44.0.2403.157-1 + [jessie] - chromium-browser <unfixed> + [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) + NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy CVE-2017-5047 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 ...) - TODO: check + - ffmpeg <unfixed> + - chromium-browser 44.0.2403.157-1 + [jessie] - chromium-browser <unfixed> + [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) + NOTE: Starting with 44.0.2403.157-1 chromium uses src:ffmpeg, but jessie still uses the embedded copy CVE-2017-5046 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...) {DSA-3810-1} - chromium-browser 57.0.2987.98-1 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits