Author: stef-guest Date: 2006-10-29 15:00:32 +0100 (Sun, 29 Oct 2006) New Revision: 4894 Modified: data/CVE/list Log: convert mplayer itp into TODOs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-10-29 10:08:17 UTC (rev 4893) +++ data/CVE/list 2006-10-29 14:00:32 UTC (rev 4894) @@ -14161,7 +14161,7 @@ {DSA-1005-1 DSA-1004-1 DSA-992-1} - ffmpeg 0.cvs20050918-5.1 (bug #342207; medium) - xine-lib 1.0.1-1.5 (bug #342208; medium) - - mplayer <itp> (bug #113238; medium) + TODO: check mplayer - gst-ffmpeg 0.8.7-5 (bug #343503; medium) - vlc 0.8.4.debian-2 (medium) NOTE: kino, smilutils, motion and vlc link statically against libavcodec, need a recompile once ffmpeg is fixed @@ -28863,11 +28863,11 @@ CVE-2004-1312 (A bug in the HTML parser in a certain Microsoft HTML library, as used ...) NOT-FOR-US: Microsoft CVE-2004-1311 (Integer overflow in the real_setup_and_get_header function in real.c ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c functionality ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...) {DSA-617-1} - tiff 3.6.1-4 @@ -30505,7 +30505,7 @@ CVE-2004-0660 (Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) ...) NOT-FOR-US: CuteNews CVE-2004-0659 (Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2004-0658 (Integer overflow in the hpsb_alloc_packet function (incorrectly ...) - linux-2.6 <not-affected> (Invalid, according to Ben Collins) - kernel-source-2.4.27 <not-affected> (Invalid, according to Ben Collins) @@ -31044,7 +31044,7 @@ {DSA-504} - heimdal 0.6.2-1 CVE-2004-0433 (Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer - xine-lib 1-rc4 CVE-2004-0432 (ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL ...) - proftpd 1.2.9-4 @@ -31174,7 +31174,7 @@ CVE-2004-0387 (Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer ...) NOT-FOR-US: RealPlayer plugin CVE-2004-0386 (Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2004-0385 (Heap-based buffer overflow in Oracle 9i Application Server Web Cache ...) NOT-FOR-US: Oracle 9i Application Server Web Cache CVE-2004-0384 @@ -32336,7 +32336,7 @@ CVE-2003-0836 (Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before ...) NOT-FOR-US: IBM DB2 CVE-2003-0835 (Multiple buffer overflows in asf_http_request of MPlayer before 0.92 ...) - - mplayer <itp> (bug #113238) + TODO: check mplayer CVE-2003-0834 (Buffer overflow in CDE libDtHelp library allows local users to execute ...) NOT-FOR-US: CDE CVE-2003-0833 (Stack-based buffer overflow in webfs before 1.20 allows attackers to ...)