[Secure-testing-commits] r9468 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Tue Jul 29 14:31:54 UTC 2008
Author: white
Date: 2008-07-29 14:31:52 +0000 (Tue, 29 Jul 2008)
New Revision: 9468
Modified:
data/CVE/list
Log:
New xine-lib issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-29 12:53:42 UTC (rev 9467)
+++ data/CVE/list 2008-07-29 14:31:52 UTC (rev 9468)
@@ -251,7 +251,7 @@
CVE-2008-3232 (Unspecified vulnerability in dotclear before 1.2.8 has unknown impact ...)
NOT-FOR-US: dotclear
CVE-2008-3231 (xine allows user-assisted attackers to cause a denial of service ...)
- TODO: check
+ - xine-lib <unfixed> (bug #492870; low)
CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...)
- ffmpeg-debian <unfixed> (medium; bug #492806)
NOTE: this is not just a DoS but a heap overflow, see gif_read_packet function
More information about the Secure-testing-commits
mailing list