data/CVE/list

@@ -38166,7 +38166,8 @@ CVE-2018-6913 (Heap-based buffer overflow in the pack function in Perl before 5.
 CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg through ...)
 	- ffmpeg 7:4.0.1-2 (low)
 	[stretch] - ffmpeg <not-affected> (Code in 3.2 is different/not affected)
-	- libav <undetermined>
+	- libav
+	[jessie] - libav <not-affected> (vulnerable code is not present)
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
 CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess ...)
 	NOT-FOR-US: Advantech WebAccess
@@ -38998,7 +38999,7 @@ CVE-2018-6622 (An issue was discovered that affects all producers of BIOS firmwa
 CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg through ...)
 	{DSA-4249-1}
 	- ffmpeg 7:3.4.2-1 (low)
-	- libav <undetermined>
+	- libav
 	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b
 	NOTE: Fixed in 3.2.11
 CVE-2018-6620
@@ -39789,12 +39790,13 @@ CVE-2018-6393 (** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 ...)
 CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg ...)
 	{DSA-4249-1}
 	- ffmpeg 7:3.4.2-1
-	- libav <undetermined>
+	- libav
 	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5
 	NOTE: Needs as well: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c6939f65a116b1ffed345d29d8621ee4ffb32235
 	NOTE: fixing a (functional) regression introduced by the original fix.
 	NOTE: Fixed in 3.2.11, the commit in the 3.2 branch (c4ba170cad2ccdd896ea6fd3a890980008606541)
 	NOTE: has the regression fix squashed in
+	NOTE: The vulnerable function is filter_frame in libav.
 CVE-2018-6391 (A cross-site request forgery web vulnerability has been discovered on ...)
 	NOT-FOR-US: Netis WF2419 V2.2.36123 devices
 CVE-2018-6390 (The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 ...)