Author: nion Date: 2009-04-12 12:23:05 +0000 (Sun, 12 Apr 2009) New Revision: 11612 Modified: data/CVE/list Log: new mpg123 issue (fixed in 1.7.2-1) Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-12 04:06:59 UTC (rev 11611) +++ data/CVE/list 2009-04-12 12:23:05 UTC (rev 11612) @@ -1,3 +1,8 @@ +CVE-2009-XXXX [mpg123 possible invalid read] + - mpg123 1.7.2-1 (low) + NOTE: http://secunia.com/advisories/34587/3/ + NOTE: unlike secunia states I can''t see that this allows code execution but is just an invalid read + NOTE: crashing the application CVE-2009-1284 (Buffer overflow in BibTeX 0.99 allows context-dependent attackers to ...) - texlive-bin <unfixed> (bug #520920) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=492136