nion at alioth.debian.org
2008-Dec-23 20:18 UTC
[Secure-testing-commits] r10789 - data/CVE
Author: nion Date: 2008-12-23 20:18:43 +0000 (Tue, 23 Dec 2008) New Revision: 10789 Modified: data/CVE/list Log: CVE-2008-4610 fixed in mplayer, ogm issue unfixed in ffmpeg Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-23 20:01:11 UTC (rev 10788) +++ data/CVE/list 2008-12-23 20:18:43 UTC (rev 10789) @@ -2499,7 +2499,10 @@ CVE-2008-4611 (SQL injection vulnerability in index.php in PHP Arsivimiz Php ...) NOT-FOR-US: PHP Arsivimiz Php Ziyaretci Defteri CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...) - - mplayer <unfixed> (low; bug #407010) + - mplayer 1.0~rc2-20 (low; bug #407010) + NOTE: only the aac issue affected mplayer because it built against a copy of faad + NOTE: the ogm issue is a problem in ffmpeg + - ffmpeg-debian <unfixed> (low; bug #509616) NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...) TODO: check