Bug#1021013: re-evaluate severity of 1021013
Dear Security Team,
CVE-2022-38600, CVE-2022-38864, CVE-2022-38861 are fixed in unstable;
also, according to upstream[1] CVE-2022-38856 seems to be fixed too,
although the exact commit that contains the fix is not identified.
as for CVE-2022-38862 it can't be reproduced upstream [2] and is
possibly caused by a buggy compiler of the reporter.
I think this bug can be downgraded to non RC severity (perhaps
important or normal?) until further info comes out. What is your
opinion?
Regards,
Lorenzo
[1] https://trac.mplayerhq.hu/ticket/2395
[2] https://trac.mplayerhq.hu/ticket/2404
Reply to: