oss-sec mailing list archives
Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc
From: Robert Buchholz <rbu () gentoo org>
Date: Mon, 25 Aug 2008 11:59:49 +0200
On Sunday 24 August 2008, Pınar Yanardağ wrote:
Nico Golde wrote On 24-08-2008 13:10:Hi, * Pinar Yanarda<pinar () pardus org tr> [2008-08-24 11:23]:Nico Golde wrote On 24-08-2008 03:13:Hi, there seems to be a buffer overflow in videolans mms handling: http://www.orange-bat.com/adv/2008/adv.08.24.txtBtw, a vendor patch has been released: http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488 .htmlWow that was fast, 4 hours after I notified them of the problem. Looks correct to me. Anyone else had a look at the patch?I was having some trouble to apply this patch but they updated it a couple of hours ago, which works fine now.
Hey Pınar, I noticed Pardus is not yet listed on the 'How to steal hard work and patches from others' page, aka: http://oss-security.openwall.org/wiki/distro-patches If you host your patches somewhere, please add a pointer there. Also, are you managing security bugs with Bugzilla, or somewhere else where one can look up the status of an issue? Thanks, Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: vlc Nico Golde (Aug 23)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
- Re: CVE id request: vlc Nico Golde (Aug 24)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
- Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Robert Buchholz (Aug 25)
- Re: Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Pınar Yanardağ (Aug 25)
- Re: CVE id request: vlc Nico Golde (Aug 24)
- Re: CVE id request: vlc Steven M. Christey (Aug 26)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)