[Secure-testing-commits] r10739 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sat Dec 20 15:08:11 UTC 2008


Author: white
Date: 2008-12-20 15:08:10 +0000 (Sat, 20 Dec 2008)
New Revision: 10739

Modified:
   data/CVE/list
Log:
One more xine-lib issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-20 13:18:51 UTC (rev 10738)
+++ data/CVE/list	2008-12-20 15:08:10 UTC (rev 10739)
@@ -1050,7 +1050,7 @@
 	NOTE: memcpy fails for copying from the complete addressable address space long before any code is executed
 	NOTE: the malloc check for type_specific_data is missing, minor issue filed as #508065
 CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ...)
-	TODO: check
+	- xine-lib <unfixed> (bug #509265)
 CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
 	TODO: check
 CVE-2008-5235 (Heap-based buffer overflow in the demux_real_send_chunk function in ...)




More information about the Secure-testing-commits mailing list