nion at alioth.debian.org
2008-Oct-15 15:30 UTC
[Secure-testing-commits] r10094 - data/CVE
Author: nion Date: 2008-10-15 15:30:07 +0000 (Wed, 15 Oct 2008) New Revision: 10094 Modified: data/CVE/list Log: vlc only affected in experimental Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-15 14:33:55 UTC (rev 10093) +++ data/CVE/list 2008-10-15 15:30:07 UTC (rev 10094) @@ -23,9 +23,9 @@ CVE-2008-4546 (Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 ...) TODO: check CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...) - - vlc <unfixed> (medium; bug #502314) + - vlc <not-affected> (medium; bug #502314) NOTE: http://www.coresecurity.com/content/vlc-xspf-memory-corruption - TODO: report bug + TODO: only 0.9.0->0.9.2 are affected, check if newer upstream version is uploaded to unstable CVE-2008-4545 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x ...) NOT-FOR-US: Cisco CVE-2008-4544 (Unspecified vulnerability in an unspecified Microsoft API, as used by ...)