oss-sec mailing list archives

Re: CVE id request: vlc

From: Nico Golde <oss-security+ml () ngolde de>
Date: Sun, 24 Aug 2008 12:10:32 +0200

Hi,
* Pinar Yanarda <pinar () pardus org tr> [2008-08-24 11:23]:

Nico Golde wrote On 24-08-2008 03:13:

Hi,
there seems to be a buffer overflow in videolans mms
handling:
http://www.orange-bat.com/adv/2008/adv.08.24.txt


Btw, a vendor patch has been released:
http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488.html


Wow that was fast, 4 hours after I notified them of the 
problem.
Looks correct to me. Anyone else had a look at the patch?

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: _bin
Description:

Current thread:

CVE id request: vlc Nico Golde (Aug 23)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
  - Re: CVE id request: vlc Nico Golde (Aug 24)
    - Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
    - Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Robert Buchholz (Aug 25)
    - Re: Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Pınar Yanardağ (Aug 25)
    - Re: CVE id request: vlc Steven M. Christey (Aug 26)