[vlc-devel] commit: Updated the CVE references for 0.8.6f ( Felix Paul Kühne )

git version control git at videolan.org
Sat Apr 19 17:49:05 CEST 2008


vlc | branch: master | Felix Paul Kühne <fkuehne at videolan.org> | Sat Apr 19 17:50:02 2008 +0200| [922e2ad114578b11f1fa2f4ca148ecfa714b9769]

Updated the CVE references for 0.8.6f

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=922e2ad114578b11f1fa2f4ca148ecfa714b9769
---

 NEWS |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 6aaecf8..cd280f0 100644
--- a/NEWS
+++ b/NEWS
@@ -201,8 +201,9 @@ Changes between 0.8.6e and 0.8.6f:
 Security updates:
  * Really fixed subtitle buffer overflow (CVE-2007-6681)
  * Fixed Real RTSP code execution problem (CVE-2008-0073)
- * Fixed MP4 integer overflows (CVE-2008-1489)
- * Fixed cinepak integer overflow
+ * Fixed MP4 integer overflows (CVE-2008-1489, CVE-2008-1768)
+ * Fixed cinepak vulnerabilities (CVE-2008-1769)
+ - More information can be found in VideoLAN-SA-0801 and VideoLAN-SA-0803.
 
 Various bugfixes:
  * The Mozilla plugin registers a usable range of MIME-types on Mac OS X




More information about the vlc-devel mailing list