nion at alioth.debian.org
2008-Dec-14 16:43 UTC
[Secure-testing-commits] r10696 - data/CVE
Author: nion Date: 2008-12-14 16:43:06 +0000 (Sun, 14 Dec 2008) New Revision: 10696 Modified: data/CVE/list Log: CVE-2008-5243 unfixed btu unimportant (xine) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-14 16:29:13 UTC (rev 10695) +++ data/CVE/list 2008-12-14 16:43:06 UTC (rev 10696) @@ -533,7 +533,9 @@ - mplayer <unfixed> (bug #407010) NOTE: overlaps with CVE-2008-4610, same aac issue CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, ...) - TODO: check + - xine-lib <unfixed> (unimportant; bug #508716) + NOTE: these are just invalid reads that result in segfaults, denial of service doesnt + NOTE: apply here as xine reading a file is no service -> application bug CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...) - xine-lib <unfixed> (medium; bug #507165; bug #498243) CVE-2008-5241 (Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 ...)