[Secure-testing-commits] r9464 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Jul 29 10:13:01 UTC 2008
Author: nion
Date: 2008-07-29 10:12:59 +0000 (Tue, 29 Jul 2008)
New Revision: 9464
Modified:
data/CVE/list
Log:
new ffmpeg-debian issue: CVE-2008-3230
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-29 10:03:41 UTC (rev 9463)
+++ data/CVE/list 2008-07-29 10:12:59 UTC (rev 9464)
@@ -253,7 +253,8 @@
CVE-2008-3231 (xine allows user-assisted attackers to cause a denial of service ...)
TODO: check
CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...)
- TODO: check
+ - ffmpeg-debian <unfixed> (medium; bug #492806)
+ NOTE: this is not just a DoS but a heap overflow, see gif_read_packet function
CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply certain ...)
- joomla <itp> (bug #326398)
CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact ...)
More information about the Secure-testing-commits
mailing list