Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-07 Thread Ricardo Villalba
I'm already using mongoose 6.11 in the svn of SMPlayer. So far it seems to work fine for me. https://app.assembla.com/spaces/smplayer/subversion/commits/9030 2018-06-07 15:08 GMT+02:00 Reinhard Tartler : > On Thu, Jun 7, 2018 at 6:20 AM Mateusz Łukasik wrote: > >> This is not fixed for me. I

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-07 Thread Reinhard Tartler
On Thu, Jun 7, 2018 at 6:20 AM Mateusz Łukasik wrote: > This is not fixed for me. I made patch with add latest Mongoose version > which included fixed for all of this cve's. > It pushed now to salsa. > > -- Thank you! I see that you've added

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-07 Thread Mateusz Łukasik
t; > component from the smplayer build? >> > >> > Please let me know your thoughts on this. >> > >> > Best, >> > Reinhard >> > >> > -- Forwarded message - >> > From: Morit

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-05 Thread Moritz Mühlenhoff
On Mon, Jun 04, 2018 at 12:47:48PM -0400, Reinhard Tartler wrote: > Ok, thanks. That sounds like a good plan! BTW, I'm not sure if Talos security actually reported these to the censenta/mongoose upstream project or whether they're doing it for the security buzz/advertising factor... I saw that

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-04 Thread Reinhard Tartler
o you is whether we can easily disable the chromecast > >> > component from the smplayer build? > >> > > >> > Please let me know your thoughts on this. > >> > > >> > Best, > >> > Reinhard > >> > > >> > -

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-03 Thread Ricardo Villalba
you is whether we can easily disable the chromecast >> > component from the smplayer build? >> > >> > Please let me know your thoughts on this. >> > >> > Best, >> > Reinhard >> > >> > -- Forwarded message - >> &g

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-03 Thread Reinhard Tartler
question to you is whether we can easily disable the chromecast > > component from the smplayer build? > > > > Please let me know your thoughts on this. > > > > Best, > > Reinhard > > > > -- Forwarded message - > > From: M

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-03 Thread Ricardo Villalba
from the smplayer build? > > Please let me know your thoughts on this. > > Best, > Reinhard > > -- Forwarded message - > From: Moritz Muehlenhoff > Date: Thu, May 17, 2018 at 12:51 PM > Subject: Bug#898943: Multiple vulnerabiliities in Mongoose &g

Bug#898943: Fwd: Bug#898943: Multiple vulnerabiliities in Mongoose

2018-06-03 Thread Reinhard Tartler
the smplayer build? Please let me know your thoughts on this. Best, Reinhard -- Forwarded message - From: Moritz Muehlenhoff Date: Thu, May 17, 2018 at 12:51 PM Subject: Bug#898943: Multiple vulnerabiliities in Mongoose To: Debian Bug Tracking System Source: smplayer Severity

Bug#898943: Multiple vulnerabiliities in Mongoose

2018-05-17 Thread Moritz Muehlenhoff
Source: smplayer Severity: grave Tags: security smplayer seems to embed Cesenta Mongoose: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2892 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2893