[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request: VLC Buffer overflows
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2013-03-19 7:50:32
Message-ID: 514818C8.5050402 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/17/2013 06:52 AM, Sean Amoss wrote:
> It looks like this issue has not been assigned a CVE ID:
> 
> VLC media player 2.0.5 addresses buffer overflow flaws in the
> freetype renderer and HTML subtitle parser.
> 
> Reference: http://www.videolan.org/security/sa1301.html
> 
> Upstream fix: 
> http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=9b0414dc7f5c18ff2951175cf076779c444efd70
>
> 
> 
> Thanks, Sean
> 

Please use CVE-2013-1868 for these issues.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRSBjIAAoJEBYNRVNeJnmToJUP/0RjhDeG77/f++xOk1mTfC3p
g53cXgcuvhWfbumdZyjuqnuXtv5SjvJ7ZrVQ6+Nr5AQf71vIHe9tsmFj2J7U1hBX
4Il9gZc88NhDHYcsom6eQQg3X9nJ6gVa7qpiEHGCe1gEK+VzgjRcXe7Zjk5cSppQ
zryMJb5vdceIaV4zaacMqHkuCK8nphmVBJBzpuhXfCLrfxozYwHN6e1Bb7nPeS4H
cZ1kHNK62nuG27AjaY40bOkv2hJxGs4I89JZ5mKofWr/tGj67w2Y04oVouJALKYW
AScZYskKrZYlXwfkqt4GIvTY0oh2mPkWqwBdnOuxuBkdoauETF/YZf3S/YS/tFEr
97iXiJTwTFCjsxug7WmK9rGWIK/+pJDnjU8Ud+im1/uWuQzoKt2sQEJluOOKdgiA
7LkhwHhGLIH2lHSxbiuhg3OIResVwE/vBA1vikiIS3p2BTuiS3WFB6ywGHmU2yCc
NvQundgAmeg8TeS0EtsVrqq3fDXF7eLyPPN4SLfGftDV8nQJEJETsr0yiY0aPukJ
vTWDEFnQk/h8DIsO+5W9RaSE9YiOoNNo93Saesw8AKIMfCegXvqBErFjlYT3+Fsz
zo+9f3W3nxlQaz0yhwItQFQZpS3nkOMuYFR4Zht2ZqXdsM7EeKdVX8ft+ZCoxmul
NfSm8s1+N1KxbpW6Dc0b
=Khpl
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic