[Secure-testing-commits] r10148 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Oct 22 17:41:26 UTC 2008
Author: nion
Date: 2008-10-22 17:41:25 +0000 (Wed, 22 Oct 2008)
New Revision: 10148
Modified:
data/CVE/list
Log:
vlc cveified
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-22 17:19:01 UTC (rev 10147)
+++ data/CVE/list 2008-10-22 17:41:25 UTC (rev 10148)
@@ -87,11 +87,14 @@
NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136
CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...)
TODO: check
-CVE-2008-XXXX [vlc overflow in ty parsing]
+CVE-2008-4654 [vlc overflow in ty parsing]
- vlc <not-affected> (bug #502726)
NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable)
TODO: check if >= 0.9.4 is uploaded to unstable
- NOTE: requested CVE id on oss-sec
+CVE-2008-4686 [integer overflow in ty parsing]
+ - vlc <unfixed> (medium; bug #503118)
+ NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable)
+ TODO: check if >= 0.9.4 is uploaded to unstable
CVE-2008-XXXX [mantis code execution]
- mantis 1.1.2+dfsg-7 (medium; bug #502728)
NOTE: only registered users can perform this
More information about the Secure-testing-commits
mailing list