[Secure-testing-team] Lenny security bug sprint
Nico Golde
debian-secure-testing+ml at ngolde.de
Mon Nov 17 14:22:37 UTC 2008
Hi,
thanks for building this list!
* Moritz Muehlenhoff <jmm at inutil.org> [2008-11-17 09:18]:
[...]
> mplayer / CVE-2007-6718
> The infinite loop is harmless, the other two open issues should be checked
> in more depth, but the appear as regular bugs rather than security issues.
>
> mplayer / CVE-2008-4610
> The ogm file is handled gracefully, the aac file crashes mplayer, but needs
> some checking, whether it's really a security problem.
I'm fairly busy with university stuff in the next days, I'll
have a look at these until the end of the week.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081117/f6ffc24a/attachment.pgp
More information about the Secure-testing-team
mailing list