Author: jmm-guest
Date: 2006-03-08 21:43:25 +0000 (Wed, 08 Mar 2006)
New Revision: 3569
Modified:
data/CVE/list
Log:
three potential CVE-2005-4048 packages verified to be not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-08 21:14:24 UTC (rev 3568)
+++ data/CVE/list 2006-03-08 21:43:25 UTC (rev 3569)
@@ -3714,11 +3714,9 @@
- xine-lib 1.0.1-1.5 (bug #342208; medium)
- mplayer <itp> (bug #113238; medium)
- gst-ffmpeg 0.8.7-5 (bug #343503; medium)
- - kino <unfixed> (medium)
- - smilutils <unfixed> (medium)
- vlc 0.8.4.debian-2 (medium)
- - motion <unfixed> (medium)
NOTE: kino, smilutils, motion and vlc link statically against
libavcodec, need a recompile once ffmpeg is fixed
+ NOTE: smilutils, motion, kino link statically against libavcodec, but
don't use the vulnerable function
CVE-2005-4047 (Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks
...)
NOT-FOR-US: IISWorks ASPKnowledgeBase
CVE-2005-4046 (Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun
Java ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
