oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: VLC Buffer Overflow in ASF Demuxer

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 16 Apr 2013 03:10:16 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/14/2013 03:31 AM, Salvatore Bonaccorso wrote:

Hi Kurt

I have not found a CVE assigned for the following issue already
(note upstream advisory also has only a CVE reference reference
marked):

VLC Security Advisory 1302 is about Buffer Overflow in ASF
Demuxer:

http://www.videolan.org/security/sa1302.html

With upstream git commit:

http://git.videolan.org/?p=vlc.git;a=commitdiff;h=b31ce523331aa3a6e620b68cdfe3f161d519631e

 Can a CVE be assigned to this issue (in case it's not yet in
progress) to better track the issue?

Regards, Salvatore



Please use CVE-2013-1954 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRbRV4AAoJEBYNRVNeJnmTC04P/1Qjt5AijujDhJsizf3Cx6+e
qVm6oq/iSZhCpjRdVttJW3nCgydsDbqkoVtQBw7w3/3ZgMPkK/UZmPUsqkD8VGuR
IhFO5eFHKB9xhFR+432IVcXOGsrPuq5mzE257c1BqQDO0Iudo5rVshMSyzLu6WAu
SwzwPlXMQYkjKUWAr+L+TdpOYBCEGwB00TCVjmVH7V6n3Af8bUQAmCXaogBh9Uk3
lG4jo6SsQnwAvCo68VuYUOD+LaCwfwiWEmhOdSUbEZ5UkwREsKwFidlrmvv4bQgf
+VppZMmOutz1kw7nqLwI0Xj0P7YKTYtsi+E0tZH+jr0mSr7H5vwAPcPwLj8LoC2r
4euClCDtI4I1B2N34tdYSXWCQJ/aY+UkM8Uyw5+e37vnhEREOdOyMZyQNt587lET
JddJGs9eGyxN8n9uZoojSGIrx70SXq/y8sfwhUTKJBHivzwUOQSIIiJZWf7SJem/
EgQaLgVUClBo3rRcGexbRV4BnNE6+4BrYrM2AxabCbqTsme2N730SNzXlM30y4Ux
W62oIXWW0e2zooX53ImbLPgoymeqR0NAx8UMmZ/re6GzUbkcDjD4ZJPQsiYlgrc0
pBsOhaG+jCGVo2Z2VLC5yhlOmqh1ZCSG0xKdvgu+rC3UQX3Rkt4qCaVl2HZ7fQLi
+oDcJb2KFuZczVl6NeoM
=0Q5f
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: