[Secure-testing-commits] r25497 - in data: . CVE

[Raphael Geissert]

Author: atomo64-guest
Date: 2014-02-03 12:55:51 +0000 (Mon, 03 Feb 2014)
New Revision: 25497

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
liblivemedia update


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-03 12:08:58 UTC (rev 25496)
+++ data/CVE/list	2014-02-03 12:55:51 UTC (rev 25497)
@@ -3926,15 +3926,14 @@
 	- liblivemedia <not-affected> (incomplete patch never applied)
 	- vlc <not-affected> (never built against liblivemedia with incomplete patch)
 	- mplayer <not-affected> (never built against liblivemedia with incomplete patch)
-	- mplayer2 <not-affected> (never built against liblivemedia with incomplete patch)
+	- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
 CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
 	- liblivemedia 2014.01.13-1
 	[squeeze] - liblivemedia <not-affected> (vuln. code introduced in 2011.08.13)
 	- vlc 2.1.2-2+b1
 	[squeeze] - vlc <not-affected> (not built against vuln. liblivemedia)
 	- mplayer <unfixed>
-	[squeeze] - mplayer <not-affected> (not built against vuln. liblivemedia)
-	- mplayer2 <unfixed>
+	- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
 	NOTE: vlc fixed by the binnmu - recording it even if it's not a source pkg version
 	TODO: request binnmus
 CVE-2013-6932 (Buffer overflow in IrfanView before 4.37, when a multibyte-character ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2014-02-03 12:08:58 UTC (rev 25496)
+++ data/embedded-code-copies	2014-02-03 12:55:51 UTC (rev 25497)
@@ -2664,3 +2664,7 @@
 
 libyaml
 	- libyaml-libyaml-perl <unfixed> (embed; bug #664224)
+
+liblivemedia
+	- vlc <unfixed> (static)
+	- mplayer <unfixed> (static)