ffmpeg triage

2 files changed, 6 insertions, 2 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 3c6c7dfef1..90011eba77 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -24586,15 +24586,19 @@ CVE-2020-20450 (FFmpeg 4.2 is affected by null pointer dereference passed as arg
 CVE-2020-20449
 	RESERVED
 CVE-2020-20448 (FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/rate ...)
-	- ffmpeg <unfixed> (unimportant)
+	- ffmpeg 7:4.3-2 (unimportant)
 	NOTE: https://trac.ffmpeg.org/ticket/7990
 	NOTE: Negligible security impact
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8802e329c8317ca5ceb929df48a23eb0f9e852b2
+	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=55279d699fa64d8eb1185d8db04ab4ed92e8dea2
 CVE-2020-20447
 	RESERVED
 CVE-2020-20446 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy ...)
 	- ffmpeg <unfixed> (unimportant)
 	NOTE: https://trac.ffmpeg.org/ticket/7995
 	NOTE: Negligible security impact
+	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/223b5e8ac9f6461bb13ed365419ec485c5b2b002
+	NOTE: Pending for 4.4.1
 CVE-2020-20445 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, ...)
 	- ffmpeg <unfixed> (unimportant)
 	NOTE: https://trac.ffmpeg.org/ticket/7996
diff --git a/data/DSA/list b/data/DSA/list
index e960e43dcf..79c6c22e4e 100644
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -838,7 +838,7 @@
 	{CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-11743 CVE-2020-15563 CVE-2020-15564 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567}
 	[buster] - xen 4.11.4+24-gddaaccbbab-1~deb10u1
 [08 Jul 2020] DSA-4722-1 ffmpeg - security update
-	{CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 CVE-2020-20902}
+	{CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 CVE-2020-20902 CVE-2020-20448}
 	[buster] - ffmpeg 7:4.1.6-1~deb10u1
 [08 Jul 2020] DSA-4721-1 ruby2.5 - security update
 	{CVE-2020-10663 CVE-2020-10933}