oss-sec mailing list archives
Re: CVE Request: VLC Buffer overflows
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 19 Mar 2013 01:50:32 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/17/2013 06:52 AM, Sean Amoss wrote:
It looks like this issue has not been assigned a CVE ID: VLC media player 2.0.5 addresses buffer overflow flaws in the freetype renderer and HTML subtitle parser. Reference: http://www.videolan.org/security/sa1301.html Upstream fix: http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=9b0414dc7f5c18ff2951175cf076779c444efd70 Thanks, Sean
Please use CVE-2013-1868 for these issues. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRSBjIAAoJEBYNRVNeJnmToJUP/0RjhDeG77/f++xOk1mTfC3p g53cXgcuvhWfbumdZyjuqnuXtv5SjvJ7ZrVQ6+Nr5AQf71vIHe9tsmFj2J7U1hBX 4Il9gZc88NhDHYcsom6eQQg3X9nJ6gVa7qpiEHGCe1gEK+VzgjRcXe7Zjk5cSppQ zryMJb5vdceIaV4zaacMqHkuCK8nphmVBJBzpuhXfCLrfxozYwHN6e1Bb7nPeS4H cZ1kHNK62nuG27AjaY40bOkv2hJxGs4I89JZ5mKofWr/tGj67w2Y04oVouJALKYW AScZYskKrZYlXwfkqt4GIvTY0oh2mPkWqwBdnOuxuBkdoauETF/YZf3S/YS/tFEr 97iXiJTwTFCjsxug7WmK9rGWIK/+pJDnjU8Ud+im1/uWuQzoKt2sQEJluOOKdgiA 7LkhwHhGLIH2lHSxbiuhg3OIResVwE/vBA1vikiIS3p2BTuiS3WFB6ywGHmU2yCc NvQundgAmeg8TeS0EtsVrqq3fDXF7eLyPPN4SLfGftDV8nQJEJETsr0yiY0aPukJ vTWDEFnQk/h8DIsO+5W9RaSE9YiOoNNo93Saesw8AKIMfCegXvqBErFjlYT3+Fsz zo+9f3W3nxlQaz0yhwItQFQZpS3nkOMuYFR4Zht2ZqXdsM7EeKdVX8ft+ZCoxmul NfSm8s1+N1KxbpW6Dc0b =Khpl -----END PGP SIGNATURE-----
Current thread:
- CVE Request: VLC Buffer overflows Sean Amoss (Mar 17)
- Re: CVE Request: VLC Buffer overflows Kurt Seifried (Mar 19)