[Secure-testing-commits] r10789 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Dec 23 20:18:43 UTC 2008
Author: nion
Date: 2008-12-23 20:18:43 +0000 (Tue, 23 Dec 2008)
New Revision: 10789
Modified:
data/CVE/list
Log:
CVE-2008-4610 fixed in mplayer, ogm issue unfixed in ffmpeg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-23 20:01:11 UTC (rev 10788)
+++ data/CVE/list 2008-12-23 20:18:43 UTC (rev 10789)
@@ -2499,7 +2499,10 @@
CVE-2008-4611 (SQL injection vulnerability in index.php in PHP Arsivimiz Php ...)
NOT-FOR-US: PHP Arsivimiz Php Ziyaretci Defteri
CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...)
- - mplayer <unfixed> (low; bug #407010)
+ - mplayer 1.0~rc2-20 (low; bug #407010)
+ NOTE: only the aac issue affected mplayer because it built against a copy of faad
+ NOTE: the ogm issue is a problem in ffmpeg
+ - ffmpeg-debian <unfixed> (low; bug #509616)
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)
TODO: check
More information about the Secure-testing-commits
mailing list