[Secure-testing-commits] r3569 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Mar 8 21:43:31 UTC 2006
Author: jmm-guest
Date: 2006-03-08 21:43:25 +0000 (Wed, 08 Mar 2006)
New Revision: 3569
Modified:
data/CVE/list
Log:
three potential CVE-2005-4048 packages verified to be not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-08 21:14:24 UTC (rev 3568)
+++ data/CVE/list 2006-03-08 21:43:25 UTC (rev 3569)
@@ -3714,11 +3714,9 @@
- xine-lib 1.0.1-1.5 (bug #342208; medium)
- mplayer <itp> (bug #113238; medium)
- gst-ffmpeg 0.8.7-5 (bug #343503; medium)
- - kino <unfixed> (medium)
- - smilutils <unfixed> (medium)
- vlc 0.8.4.debian-2 (medium)
- - motion <unfixed> (medium)
NOTE: kino, smilutils, motion and vlc link statically against libavcodec, need a recompile once ffmpeg is fixed
+ NOTE: smilutils, motion, kino link statically against libavcodec, but don't use the vulnerable function
CVE-2005-4047 (Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ...)
NOT-FOR-US: IISWorks ASPKnowledgeBase
CVE-2005-4046 (Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java ...)
More information about the Secure-testing-commits
mailing list