[Secure-testing-commits] r11612 - data/CVE
Nico Golde
nion at alioth.debian.org
Sun Apr 12 12:23:05 UTC 2009
Author: nion
Date: 2009-04-12 12:23:05 +0000 (Sun, 12 Apr 2009)
New Revision: 11612
Modified:
data/CVE/list
Log:
new mpg123 issue (fixed in 1.7.2-1)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-12 04:06:59 UTC (rev 11611)
+++ data/CVE/list 2009-04-12 12:23:05 UTC (rev 11612)
@@ -1,3 +1,8 @@
+CVE-2009-XXXX [mpg123 possible invalid read]
+ - mpg123 1.7.2-1 (low)
+ NOTE: http://secunia.com/advisories/34587/3/
+ NOTE: unlike secunia states I can't see that this allows code execution but is just an invalid read
+ NOTE: crashing the application
CVE-2009-1284 (Buffer overflow in BibTeX 0.99 allows context-dependent attackers to ...)
- texlive-bin <unfixed> (bug #520920)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=492136
More information about the Secure-testing-commits
mailing list