Author: jmm
Date: 2015-01-21 08:28:49 +0000 (Wed, 21 Jan 2015)
New Revision: 31570
Modified:
data/CVE/list
Log:
one vlc issue n/a
vlc eol in squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-21 08:00:06 UTC (rev 31569)
+++ data/CVE/list 2015-01-21 08:28:49 UTC (rev 31570)
@@ -262,25 +262,33 @@
RESERVED
CVE-2015-1203 [stack allocation with an attacker-controlled size --
modules/access/ftp.c]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
CVE-2015-1202 [stack allocation with an attacker-controlled size --
modules/services_discovery/sap.c]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
CVE-2014-9630 [Invalid memory access in rtp code]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
CVE-2014-9629 [integer overflow with resultant buffer overflow]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
CVE-2014-9628 [attacker-triggered zero-size malloc with resultant buffer
overflow]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
CVE-2014-9627 [integer truncation on 32-bit platforms]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
CVE-2014-9626 [integer underflow]
- vlc <unfixed> (bug #775866)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
CVE-2014-9625 [Buffer overflow in updater]
- - vlc <unfixed> (bug #775866)
+ - vlc <not-affected> (Update mechanism not enabled in the Debian
package)
+ [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
CVE-2014-9623 [Glance user storage quota bypass]
- glance <unfixed>
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
