[Secure-testing-commits] r10739 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Sat Dec 20 15:08:11 UTC 2008
Author: white
Date: 2008-12-20 15:08:10 +0000 (Sat, 20 Dec 2008)
New Revision: 10739
Modified:
data/CVE/list
Log:
One more xine-lib issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-20 13:18:51 UTC (rev 10738)
+++ data/CVE/list 2008-12-20 15:08:10 UTC (rev 10739)
@@ -1050,7 +1050,7 @@
NOTE: memcpy fails for copying from the complete addressable address space long before any code is executed
NOTE: the malloc check for type_specific_data is missing, minor issue filed as #508065
CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ...)
- TODO: check
+ - xine-lib <unfixed> (bug #509265)
CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
TODO: check
CVE-2008-5235 (Heap-based buffer overflow in the demux_real_send_chunk function in ...)
More information about the Secure-testing-commits
mailing list