[Secure-testing-commits] r7990 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Sun Jan 20 15:37:46 UTC 2008
Author: jmm-guest
Date: 2008-01-20 15:37:45 +0000 (Sun, 20 Jan 2008)
New Revision: 7990
Modified:
data/CVE/list
Log:
one flac issue is not exploitable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-20 15:27:07 UTC (rev 7989)
+++ data/CVE/list 2008-01-20 15:37:45 UTC (rev 7990)
@@ -1693,7 +1693,9 @@
CVE-2007-6280
RESERVED
CVE-2007-6279 (Multiple double-free vulnerabilities in Free Lossless Audio Codec ...)
- - flac 1.2.1-1
+ - flac 1.2.1-1 (unimportant)
+ NOTE: According to upstream this issue is not exploitable for code injection
+ NOTE: due to the layout of the seektable memory
CVE-2007-6278 (Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows ...)
- flac 1.2.1-1 (unimportant)
NOTE: Such validations are within the responsibility of the respective applications
More information about the Secure-testing-commits
mailing list