CVE-2013-1868
Henri Salo
henri at nerv.fi
Wed Mar 20 11:56:22 UTC 2013
> VLC 2.0.3-5 from testing is (probably) affected and VLC 2.0.5-1 from
> unstable is not affected.
Could you submit this information to security tracker after you have verified
it?
> > http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=9b0414dc7f5c18ff2951175cf076779c444efd70
>
> This git commit is not the correct commit.
Removed from security tracker. Do you know what is the correct commitdiff?
> I would appreciate a bug report with an attached and tested patch.
I can submit a bug to BTS, but I don't have knowledge/skills to test this issue
and currently no time to create patch for it. This is the reason I contacted you
via email. Please note that the commitdiff-link was in the CVE-request in
oss-security mailing list. I also prefer not to report the bug with unclear
details.
---
Henri Salo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20130320/4bcc365f/attachment.pgp>
More information about the pkg-multimedia-maintainers
mailing list