Hi, * Michael Gilbert <[email protected]> [2009-08-30 19:06]: > Author: gilbert-guest > Date: 2009-08-30 17:09:16 +0000 (Sun, 30 Aug 2009) > New Revision: 12708 > > Modified: > data/CVE/list > Log: > beginning of embedded code copies triage (5 down 395 to go) > > Modified: data/CVE/list > =================================================================== > --- data/CVE/list 2009-08-30 03:00:07 UTC (rev 12707) > +++ data/CVE/list 2009-08-30 17:09:16 UTC (rev 12708) > @@ -1286,6 +1286,7 @@ > CVE-2009-2660 (Multiple integer overflows in CamlImages 2.2 might allow ...) > {DSA-1857-1} > - camlimages 1:3.0.1-3 (medium; bug #540146) > + - advi <not-affected> (affected code section not present in advi code > copy of camlimages) > CVE-2009-2657 (nilfs-utils before 2.0.14 installs multiple programs with > unnecessary ...) > - nilfs2-tools <not-affected> (dh_fixperms removes the setuid and > setgid bits from all files) > CVE-2009-2656 (Unspecified vulnerability in the com.android.phone process in > Android ...) > @@ -1303,6 +1304,8 @@ > CVE-2009-XXXX [VLC: integer underflow in Real RTSP] > - vlc 1.0.1-1 > - mplayer <unfixed> > + - xine-lib <unfixed> > + NOTE: affected mplayer code copy present in xine-lib
Did you only check if the code is present or also if it's used? Cheers Nico -- Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpYKeUqzGgld.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
