[Secure-testing-commits] r5526 - in data: . CVE
Kees Cook
keescook-guest at alioth.debian.org
Thu Mar 8 21:40:53 CET 2007
Author: keescook-guest
Date: 2007-03-08 20:40:49 +0000 (Thu, 08 Mar 2007)
New Revision: 5526
Modified:
data/CVE/list
data/embedded-code-copies
Log:
checked vlc for DMO overflow
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-03-08 20:11:21 UTC (rev 5525)
+++ data/CVE/list 2007-03-08 20:40:49 UTC (rev 5526)
@@ -139,6 +139,7 @@
CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...)
- mplayer <unfixed> (medium)
- xine-lib <unfixed> (medium)
+ NOTE: vlc checked, and is not affected.
CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: IrfanView
CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2007-03-08 20:11:21 UTC (rev 5525)
+++ data/embedded-code-copies 2007-03-08 20:40:49 UTC (rev 5526)
@@ -252,5 +252,6 @@
unrar-free: (maybe this code is derived from the original rar, too?)
clamav (seems to be disabled in default config)
-mplayer:
-xine-lib (libw32dll)
+mplayer (DirectMedia Object loader):
+xine-lib (src/libw32dll/)
+vlc (modules/codec/dmo/)
More information about the Secure-testing-commits
mailing list