[Secure-testing-commits] r26703 - data/CVE
Raphael Geissert
atomo64-guest at moszumanska.debian.org
Fri Apr 25 13:54:21 UTC 2014
Author: atomo64-guest
Date: 2014-04-25 13:54:21 +0000 (Fri, 25 Apr 2014)
New Revision: 26703
Modified:
data/CVE/list
Log:
add entry and TODO for xine-lib's mms support
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-25 12:00:29 UTC (rev 26702)
+++ data/CVE/list 2014-04-25 13:54:21 UTC (rev 26703)
@@ -297,6 +297,8 @@
NOT-FOR-US: Gnew
CVE-2014-2892 (Heap-based buffer overflow in the get_answer function in mmsh.c in ...)
- libmms <unfixed> (bug #745301)
+ - xine-lib <not-affected> (mmsh is libmms-specific)
+ TODO: confirm xine-lib assertion
NOTE: http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
CVE-2014-2893 [scan-build: insecure use of /tmp]
RESERVED
More information about the Secure-testing-commits
mailing list