Your message dated Fri, 16 Oct 2009 08:27:50 +0200
with message-id <[email protected]>
and subject line Re: CVE-2007-4904 user-assisted remote denial of service
has caused the Debian Bug report #443130,
regarding CVE-2007-4904 user-assisted remote denial of service
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
443130: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=443130
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: helix-player
Version: 1.0.8-2
Severity: normal
Tags: security
Hi Daniel,
a CVE was published for helix-player.
CVE-2007-4904[0]:
RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix
Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other
platforms, allow user-assisted remote attackers to cause a
denial of service (application crash) via a malformed .au
file that triggers a divide-by-zero error.
I can confirm this bug in unstable.
If you fix this bug please include the CVE id in the
changelog.
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4904
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [email protected] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpcmgfOee5aO.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
closing; package not in the archive anymore.
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: [email protected]
Internet: http://people.panthera-systems.net/~daniel-baumann/
--- End Message ---
