oss-sec mailing list archives

Re: CVE Request: VLC Buffer overflows


From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 19 Mar 2013 01:50:32 -0600

On 03/17/2013 06:52 AM, Sean Amoss wrote:
> It looks like this issue has not been assigned a CVE ID:
>
> VLC media player 2.0.5 addresses buffer overflow flaws in the
> freetype renderer and HTML subtitle parser.
>
> Reference: http://www.videolan.org/security/sa1301.html
>
> Upstream fix:
> http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=9b0414dc7f5c18ff2951175cf076779c444efd70
>
> Thanks, Sean


Please use CVE-2013-1868 for these issues.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993