[Secure-testing-commits] r10696 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Dec 14 16:43:07 UTC 2008
Author: nion
Date: 2008-12-14 16:43:06 +0000 (Sun, 14 Dec 2008)
New Revision: 10696
Modified:
data/CVE/list
Log:
CVE-2008-5243 unfixed btu unimportant (xine)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-14 16:29:13 UTC (rev 10695)
+++ data/CVE/list 2008-12-14 16:43:06 UTC (rev 10696)
@@ -533,7 +533,9 @@
- mplayer <unfixed> (bug #407010)
NOTE: overlaps with CVE-2008-4610, same aac issue
CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, ...)
- TODO: check
+ - xine-lib <unfixed> (unimportant; bug #508716)
+ NOTE: these are just invalid reads that result in segfaults, denial of service doesnt
+ NOTE: apply here as xine reading a file is no service -> application bug
CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...)
- xine-lib <unfixed> (medium; bug #507165; bug #498243)
CVE-2008-5241 (Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 ...)
More information about the Secure-testing-commits
mailing list