thr3ads.net - Secure testing commits - [Secure-testing-commits] r5343

If this information is useful, please help other people find it:
Share via:

Stefan Fritsch

2007-Jan-24 18:19 UTC

[Secure-testing-commits] r5343 - data/CVE

Author: stef-guest
Date: 2007-01-24 18:19:38 +0100 (Wed, 24 Jan 2007)
New Revision: 5343

Modified:
   data/CVE/list
Log:
- some more new gstreamer ffmpeg issues fixed
- gst-plugins-bad0.10 fixed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-01-24 12:13:35 UTC (rev 5342)
+++ data/CVE/list	2007-01-24 17:19:38 UTC (rev 5343)
@@ -1,3 +1,7 @@
+CVE-2007-XXXX [gstreamer ffmpeg missing checks of packet sizes, chunk sizes,
and fragment positions]
+        - gstreamer0.10-ffmpeg 0.10.1-6
+        - gst-ffmpeg 0.8.7-10
+        TODO: check other ffmpeg related packages
 CVE-2007-0471 (sre/params.php in Check Point Connectra NGX R62 and earlier
allows ...)
 	NOT-FOR-US: Check Point
 CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9,
and ...)
@@ -7229,7 +7233,7 @@
 	NOT-FOR-US: MS IE
 CVE-2006-4192 (Multiple buffer overflows in MODPlug Tracker (OpenMPT)
1.17.02.43 and ...)
 	- libmodplug 1:0.7-5.2 (medium; bug #383574)
-	- gst-plugins-bad0.10 (medium; bug #407956)
+	- gst-plugins-bad0.10 0.10.3-3.1 (medium; bug #407956)
 CVE-2006-4191 (Directory traversal vulnerability in memcp.php in XMB (Extreme
Message ...)
 	NOT-FOR-US: XMB
 CVE-2006-4190 (Directory traversal vulnerability in autohtml.php in the
AutoHTML ...)

Secure testing commits - Jan 2007 - r5343 - data/CVE

[Secure-testing-commits] r5343 - data/CVE