[Secure-testing-commits] r17462 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-10-20 10:52:53 +0000 (Thu, 20 Oct 2011)
New Revision: 17462

Modified:
   data/CVE/list
Log:
mplayer bugnum


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-20 10:28:45 UTC (rev 17461)
+++ data/CVE/list	2011-10-20 10:52:53 UTC (rev 17462)
@@ -250,9 +250,11 @@
 CVE-2011-4029
 	RESERVED
 	- xorg-server <unfixed>
+	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4
 CVE-2011-4028
 	RESERVED
 	- xorg-server <unfixed> (low)
+	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34
 CVE-2011-4027
 	RESERVED
 CVE-2011-4026
@@ -1358,8 +1360,8 @@
 	RESERVED
 CVE-2011-3625 [mplayer SAMI subtitle parsing buffer overflow]
 	RESERVED
-	- mplayer <unfixed>
-	- mplayer2 <unfixed>
+	- mplayer <unfixed> (bug #645987)
+	- mplayer2 <unfixed> (bug #645987)
 CVE-2011-3624
 	RESERVED
 CVE-2011-3623
@@ -2639,6 +2641,10 @@
 CVE-2010-4818 [X.org multiple input sanitization flaws]
 	RESERVED
 	- xorg-server 2:1.9.99.902-1
+	NOTE: As per https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4818 three commits with theoretical sec impact:
+	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543
+	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4
+	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f
 CVE-2010-4817 [overwriting of arbitrary file via symlinks]
 	RESERVED
 	- pithos 0.3.5-1