[Secure-testing-commits] r31563 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jan 20 21:38:09 UTC 2015


Author: carnil
Date: 2015-01-20 21:38:09 +0000 (Tue, 20 Jan 2015)
New Revision: 31563

Modified:
   data/CVE/list
Log:
CVE assigned for vlc

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-20 21:27:45 UTC (rev 31562)
+++ data/CVE/list	2015-01-20 21:38:09 UTC (rev 31563)
@@ -260,6 +260,28 @@
 	NOT-FOR-US: F5 BIG-IP Application Security Manager
 CVE-2015-1049
 	RESERVED
+CVE-2015-1203 [stack allocation with an attacker-controlled size -- modules/access/ftp.c]
+	- vlc <unfixed> (bug #775866)
+CVE-2015-1202 [stack allocation with an attacker-controlled size -- modules/services_discovery/sap.c]
+	- vlc <unfixed> (bug #775866)
+CVE-2014-9630 [Invalid memory access in rtp code]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
+CVE-2014-9629 [integer overflow with resultant buffer overflow]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
+CVE-2014-9628 [attacker-triggered zero-size malloc with resultant buffer overflow]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
+CVE-2014-9627 [integer truncation on 32-bit platforms]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
+CVE-2014-9626 [integer underflow]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
+CVE-2014-9625 [Buffer overflow in updater]
+	- vlc <unfixed> (bug #775866)
+	NOTE: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
 CVE-2014-9623 [Glance user storage quota bypass]
 	- glance <unfixed>
 	[wheezy] - glance <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list