[Secure-testing-team] Lenny security bug sprint

Nico Golde debian-secure-testing+ml at ngolde.de
Mon Nov 17 14:22:37 UTC 2008

thanks for building this list!
* Moritz Muehlenhoff <jmm at inutil.org> [2008-11-17 09:18]:
> mplayer / CVE-2007-6718
>   The infinite loop is harmless, the other two open issues should be checked
>   in more depth, but the appear as regular bugs rather than security issues.
> mplayer / CVE-2008-4610
>   The ogm file is handled gracefully, the aac file crashes mplayer, but needs
>   some checking, whether it's really a security problem.

I'm fairly busy with university stuff in the next days, I'll 
have a look at these until the end of the week.

Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081117/f6ffc24a/attachment.pgp 

More information about the Secure-testing-team mailing list