diff options
author | Michael Gilbert <michael.s.gilbert@gmail.com> | 2012-01-05 00:29:22 +0000 |
---|---|---|
committer | Michael Gilbert <michael.s.gilbert@gmail.com> | 2012-01-05 00:29:22 +0000 |
commit | c6dc4b96394ba4c2a733e216387d7d6b0534699a (patch) | |
tree | dc13c43f6a05dc6a0758c05db4d08810a77b3797 | |
parent | 6db935abf3e0b77c44f613d2e9b049bcaa773728 (diff) |
libav mainainers indicate that individual CVEs should be submitted as separate bugs
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@18038 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 6 | ||||
-rw-r--r-- | doc/narrative_introduction | 1 |
2 files changed, 4 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index b246707d1a..3d292187b9 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3864,7 +3864,7 @@ CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome - chromium-browser 15.0.874.121~r109964-1 - webkit <not-affected> (Chrome issue) - ffmpeg <removed> - - libav <unfixed> (bug #654534) + - libav <unfixed> (bug #654534; bug #654573) CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...) - chromium-browser 15.0.874.121~r109964-1 - webkit <not-affected> (Chrome issue) @@ -3872,7 +3872,7 @@ CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 . CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...) - chromium-browser 15.0.874.121~r109964-1 - webkit <not-affected> (Chrome issue) - - libav <unfixed> (bug #654534) + - libav <unfixed> (bug #654534; bug #654572) - ffmpeg <removed> [squeeze] - chromium-browser <not-affected> NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554 @@ -3882,7 +3882,7 @@ CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome - chromium-browser 15.0.874.121~r109964-1 - webkit <not-affected> (Chrome issue) [squeeze] - chromium-browser <not-affected> - - libav <unfixed> (bug #654534) + - libav <unfixed> (bug #654534; bug #654571) - ffmpeg <removed> NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489 CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...) diff --git a/doc/narrative_introduction b/doc/narrative_introduction index 31ee8cab0e..49c74bede4 100644 --- a/doc/narrative_introduction +++ b/doc/narrative_introduction @@ -272,6 +272,7 @@ report is permissable and encouraged. However, some maintainers have indicated a preference for only one issue per bug report. The following is a list of packages for which each CVE should be reported separately: - php5 + - libav A special exception is made for kernel related issues. The kernel-sec group will take care of them. It is not necessary to file bugs in the BTS for kernel |