Openwall GNU/*/Linux 3.0 - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 18 May 2011 22:06:33 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap

Hi,
please assign CVE IDs for the following issues tracked in the Debian Security Tracker:

1. ffmpeg/libav out of array write in AMV parsing

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339
http://seclists.org/bugtraq/2011/Apr/257
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32

2. widelands directory traversal

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617960
http://bazaar.launchpad.net/~widelands-dev/widelands/build-15/revision/5021

3. SQL injection in Jifty::DBI

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622919
http://lists.jifty.org/pipermail/jifty-devel/2011-April/002426.html

4. lilo: lilo-uuid-diskid makes lilo.conf world-readable

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615103

5. libpcap packet truncation

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
http://thread.gmane.org/gmane.network.tcpdump.devel/5018

Cheers,
        Moritz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ