[Secure-testing-commits] r15902 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Sun Jan 16 09:35:27 UTC 2011 

Author: jmm
Date: 2011-01-16 09:35:19 +0000 (Sun, 16 Jan 2011)
New Revision: 15902

Modified:
   data/CVE/list
Log:
vlc updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-01-16 09:14:50 UTC (rev 15901)
+++ data/CVE/list	2011-01-16 09:35:19 UTC (rev 15902)
@@ -2883,6 +2883,7 @@
 	RESERVED
 CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
 	- vlc 1.1.3-1squeeze1
+	[lenny] - vlc <not-affected> (Vulnerable code not present)
 CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
 	- git-core <removed>
 	[lenny] - git-core <no-dsa> (Will be fixed in spu)
@@ -5572,6 +5573,7 @@
 	NOTE: probably fixed well before this version, but this is the one i checked and its fixed
 CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...)
 	- vlc 1.1.3-1
+	[lenny] - vlc <not-affected> (Vulnerable code not present)
 CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in ...)
 	{DSA-2099-1}
 	- openoffice.org 1:3.2.1-6
@@ -9752,23 +9754,25 @@
 	{DSA-2053-1}
 	- linux-2.6 2.6.32-12 (unimportant)
 	NOTE: KGDB is not currently enabled in debian builds
-CVE-2010-1445
+CVE-2010-1445 [Heap buffer overflow in RTMP access]
 	RESERVED
 	- vlc 1.0.6-1
+	[lenny] - vlc <not-affected> (Vulnerable code not present)
 	NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1444
+CVE-2010-1444 [Invalid memory access in ZIP archive decompressor]
 	RESERVED
 	- vlc 1.0.6-1
+	[lenny] - vlc <not-affected> (Vulnerable code not present)
 	NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1443
+CVE-2010-1443 [Invalid memory access in XSPF playlist parser]
 	RESERVED
 	- vlc 1.0.6-1
 	NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1442
+CVE-2010-1442 [Invalid memory access in AVI, ASF, Matroska (MKV) demuxers]
 	RESERVED
 	- vlc 1.0.6-1
 	NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1441
+CVE-2010-1441 [Heap buffer overflow vulnerability in A/52, DTS and MPEG Audio decoders]
 	RESERVED
 	- vlc 1.0.6-1
 	NOTE: http://www.videolan.org/security/sa1003.html

More information about the Secure-testing-commits mailing list