[Secure-testing-team] Bug#633675: vlc-nox: heap overflow in AVI plugin

2011-07-12 Thread Remi Denis-Courmont
Package: vlc-nox
Version: 1.1.10-1+b1
Severity: grave
Tags: security upstream
Justification: user security hole

See upstream advisory for details: http://www.videolan.org/security/sa1106.html

-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (100, 'unstable')

[Secure-testing-team] Bug#633674: vlc: heap overflow in RealMedia plugin

2011-07-12 Thread Remi Denis-Courmont
Package: vlc-nox
Version: 1.1.10-1+b1
Severity: grave
Tags: security upstream
Justification: user security hole

See upstream advisory for details: http://www.videolan.org/security/sa1105.html

-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (100, 'unstable')

[Secure-testing-team] Bug#633637: Exploitable remotely: SQL injection

2011-07-12 Thread Amaya Rodrigo Sastre
Package: libapache2-mod-authnz-external
Version: 3.2.4-2
Severity: critical
Tags: security patch

Hi there,

According to http://code.google.com/p/mod-auth-external/issues/detail?id=5 there's a possible remote SQL injection bug. The fix is a two-liner:

[Secure-testing-team] Bug#633630: CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus

2011-07-12 Thread Salvatore Bonaccorso
Source: libvirt
Version: 0.9.2
Severity: important
Tags: security

Hi Guido

In [1] (CVE-2011-2511) an integer overflow in VirDomainGetVcpus for libvirt is mentioned. This is fixed in new upstream 0.9.3. Here [2] is the patch applied by upstream. Can/should there be an update for stable (if affe