Author: jmm-guest Date: 2006-03-08 21:43:25 +0000 (Wed, 08 Mar 2006) New Revision: 3569 Modified: data/CVE/list Log: three potential CVE-2005-4048 packages verified to be not affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-03-08 21:14:24 UTC (rev 3568) +++ data/CVE/list 2006-03-08 21:43:25 UTC (rev 3569) @@ -3714,11 +3714,9 @@ - xine-lib 1.0.1-1.5 (bug #342208; medium) - mplayer <itp> (bug #113238; medium) - gst-ffmpeg 0.8.7-5 (bug #343503; medium) - - kino <unfixed> (medium) - - smilutils <unfixed> (medium) - vlc 0.8.4.debian-2 (medium) - - motion <unfixed> (medium) NOTE: kino, smilutils, motion and vlc link statically against libavcodec, need a recompile once ffmpeg is fixed + NOTE: smilutils, motion, kino link statically against libavcodec, but don''t use the vulnerable function CVE-2005-4047 (Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ...) NOT-FOR-US: IISWorks ASPKnowledgeBase CVE-2005-4046 (Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java ...)