oss-sec mailing list archives

CVE request: VLC / Asterisk

From: Moritz Muehlenhoff <jmm () debian org>
Date: Fri, 6 Jul 2012 16:55:09 +0200

Hi,

Please assign CVE IDs:

1. heap-based buffer overflow in VLC's Ogg demuxer
Fixed in the VLC 2.0.2 release

Commit:
http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=16e9e126333fb7acb47d363366fee3deadc8331e

2. asterisk: Possible resource leak on uncompleted re-invite transactions
http://downloads.asterisk.org/pub/security/AST-2012-010.html

Cheers,
        Moritz

Current thread:

CVE request: VLC / Asterisk Moritz Muehlenhoff (Jul 06)
- Re: CVE request: VLC / Asterisk Kurt Seifried (Jul 06)
- Re: CVE request: Asterisk Kurt Seifried (Jul 06)
  - Re: CVE request: Asterisk cve-assign (Jul 06)
  - Re: CVE request: Asterisk Matthew Jordan (Jul 06)