nion at alioth.debian.org
2008-Dec-03 19:42 UTC
[Secure-testing-commits] r10604 - data/CVE
Author: nion Date: 2008-12-03 19:42:03 +0000 (Wed, 03 Dec 2008) New Revision: 10604 Modified: data/CVE/list Log: CVE-2008-5244 fixed in xine 1.1.14-3 and faad2 1.1.14-3 mplayer unfixed, this is the same issue like the one described in CVE-2008-4610 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-03 19:05:44 UTC (rev 10603) +++ data/CVE/list 2008-12-03 19:42:03 UTC (rev 10604) @@ -147,7 +147,10 @@ CVE-2008-5245 (xine-lib before 1.1.15 performs V4L video frame preallocation before ...) TODO: check CVE-2008-5244 (Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact ...) - TODO: check + - xine 1.1.14-3 + - faad2 2.6.1-1 + - mplayer <unfixed> (bug #407010) + NOTE: overlaps with CVE-2008-4610, same aac issue CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, ...) TODO: check CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...)