nion at alioth.debian.org
2008-Oct-22 17:41 UTC
[Secure-testing-commits] r10148 - data/CVE
Author: nion Date: 2008-10-22 17:41:25 +0000 (Wed, 22 Oct 2008) New Revision: 10148 Modified: data/CVE/list Log: vlc cveified Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-22 17:19:01 UTC (rev 10147) +++ data/CVE/list 2008-10-22 17:41:25 UTC (rev 10148) @@ -87,11 +87,14 @@ NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136 CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...) TODO: check -CVE-2008-XXXX [vlc overflow in ty parsing] +CVE-2008-4654 [vlc overflow in ty parsing] - vlc <not-affected> (bug #502726) NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable) TODO: check if >= 0.9.4 is uploaded to unstable - NOTE: requested CVE id on oss-sec +CVE-2008-4686 [integer overflow in ty parsing] + - vlc <unfixed> (medium; bug #503118) + NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable) + TODO: check if >= 0.9.4 is uploaded to unstable CVE-2008-XXXX [mantis code execution] - mantis 1.1.2+dfsg-7 (medium; bug #502728) NOTE: only registered users can perform this