[PATCH 1/4] update and comment on CVE-2012-2804
---
CVE/list | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/CVE/list b/CVE/list
index 6eacc1d..0a15cef 100644
--- a/CVE/list
+++ b/CVE/list
@@ -11014,8 +11014,11 @@ CVE-2012-2806 (Heap-based buffer overflow in the get_sos function in jdmarker.c
CVE-2012-2805
RESERVED
CVE-2012-2804 (Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 ...)
- [squeeze] - ffmpeg <unfixed> (bug #688849)
- - libav <unfixed> (bug #688847)
+ [squeeze] - ffmpeg <undetermined> (bug #688849)
+ - libav <undetermined> (bug #688847)
+ NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4a80ebe491609e04110a1dd540a0ca79d3be3d04
+ NOTE: ffmpeg fix is not a fix, it's unclear what real issue it is supposed to fix
+ TODO: upstream needs a proper sample to reproduce the issue
CVE-2012-2803 (Double free vulnerability in the mpeg_decode_frame function in ...)
[squeeze] - ffmpeg <unfixed> (bug #688849)
- libav <unfixed> (bug #688847)
--
1.7.9.5
Reply to: