[vlc] security issues in vlc 0.8.6c
Nico Golde
nion at debian.org
Wed Jan 2 20:59:51 CET 2008
Hi,
I am currently investigating the latest vlc security issues
for Debian.
About CVE-2007-4619, in the NEWS file you say this is for
Windows and Mac OS Binaries. Does this vulnerability only
affect these two systems?
For VideoLAN-SA-0703:
VLCPlugin::~VLCPlugin()
{
+ /*
+ ** bump refcount to avoid recursive release from
+ ** following interfaces when releasing this interface
+ */
+ AddRef();
+
Is this the only change needed to fix this?
Patches welcome ;)
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc/attachments/20080102/53dcdd30/attachment.sig>
More information about the vlc
mailing list