[Secure-testing-commits] r10148 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Wed Oct 22 17:41:26 UTC 2008


Author: nion
Date: 2008-10-22 17:41:25 +0000 (Wed, 22 Oct 2008)
New Revision: 10148

Modified:
   data/CVE/list
Log:
vlc cveified

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-22 17:19:01 UTC (rev 10147)
+++ data/CVE/list	2008-10-22 17:41:25 UTC (rev 10148)
@@ -87,11 +87,14 @@
 	NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136
 CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...)
 	TODO: check
-CVE-2008-XXXX [vlc overflow in ty parsing]
+CVE-2008-4654 [vlc overflow in ty parsing]
 	- vlc <not-affected> (bug #502726)
 	NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable)
 	TODO: check if >= 0.9.4 is uploaded to unstable
-	NOTE: requested CVE id on oss-sec
+CVE-2008-4686 [integer overflow in ty parsing]
+	- vlc <unfixed> (medium; bug #503118)
+	NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable)
+	TODO: check if >= 0.9.4 is uploaded to unstable
 CVE-2008-XXXX [mantis code execution]
 	- mantis 1.1.2+dfsg-7 (medium; bug #502728)
 	NOTE: only registered users can perform this




More information about the Secure-testing-commits mailing list