[Secure-testing-commits] r32088 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Feb 8 12:20:37 UTC 2015
Author: carnil
Date: 2015-02-08 12:20:37 +0000 (Sun, 08 Feb 2015)
New Revision: 32088
Modified:
data/CVE/list
Log:
Remove no-dsa tags for liblivemedia, vlc and mplayer in CVE-2013-6933
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-08 11:58:44 UTC (rev 32087)
+++ data/CVE/list 2015-02-08 12:20:37 UTC (rev 32088)
@@ -28797,13 +28797,10 @@
CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
{DSA-3156-1}
- liblivemedia 2014.01.13-1
- [wheezy] - liblivemedia <no-dsa> (Minor issue)
[squeeze] - liblivemedia <not-affected> (vuln. code introduced in 2011.08.13)
- vlc 2.1.2-2+b1
- [wheezy] - vlc <no-dsa> (Minor issue)
[squeeze] - vlc <not-affected> (not built against vuln. liblivemedia)
- mplayer <removed> (low)
- [wheezy] - mplayer <no-dsa> (Minor issue)
[squeeze] - mplayer <no-dsa> (Minor issue)
- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
NOTE: vlc fixed by the binnmu - recording it even if it's not a source pkg version
More information about the Secure-testing-commits
mailing list