Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 16 Apr 2013 03:10:16 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Salvatore Bonaccorso <carnil@...ian.org>
Subject: Re: CVE Request: VLC Buffer Overflow in ASF Demuxer

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/14/2013 03:31 AM, Salvatore Bonaccorso wrote:
> Hi Kurt
> 
> I have not found a CVE assigned for the following issue already
> (note upstream advisory also has only a CVE reference reference
> marked):
> 
> VLC Security Advisory 1302 is about Buffer Overflow in ASF
> Demuxer:
> 
> http://www.videolan.org/security/sa1302.html
> 
> With upstream git commit:
> 
> http://git.videolan.org/?p=vlc.git;a=commitdiff;h=b31ce523331aa3a6e620b68cdfe3f161d519631e
>
>  Can a CVE be assigned to this issue (in case it's not yet in
> progress) to better track the issue?
> 
> Regards, Salvatore
> 

Please use CVE-2013-1954 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRbRV4AAoJEBYNRVNeJnmTC04P/1Qjt5AijujDhJsizf3Cx6+e
qVm6oq/iSZhCpjRdVttJW3nCgydsDbqkoVtQBw7w3/3ZgMPkK/UZmPUsqkD8VGuR
IhFO5eFHKB9xhFR+432IVcXOGsrPuq5mzE257c1BqQDO0Iudo5rVshMSyzLu6WAu
SwzwPlXMQYkjKUWAr+L+TdpOYBCEGwB00TCVjmVH7V6n3Af8bUQAmCXaogBh9Uk3
lG4jo6SsQnwAvCo68VuYUOD+LaCwfwiWEmhOdSUbEZ5UkwREsKwFidlrmvv4bQgf
+VppZMmOutz1kw7nqLwI0Xj0P7YKTYtsi+E0tZH+jr0mSr7H5vwAPcPwLj8LoC2r
4euClCDtI4I1B2N34tdYSXWCQJ/aY+UkM8Uyw5+e37vnhEREOdOyMZyQNt587lET
JddJGs9eGyxN8n9uZoojSGIrx70SXq/y8sfwhUTKJBHivzwUOQSIIiJZWf7SJem/
EgQaLgVUClBo3rRcGexbRV4BnNE6+4BrYrM2AxabCbqTsme2N730SNzXlM30y4Ux
W62oIXWW0e2zooX53ImbLPgoymeqR0NAx8UMmZ/re6GzUbkcDjD4ZJPQsiYlgrc0
pBsOhaG+jCGVo2Z2VLC5yhlOmqh1ZCSG0xKdvgu+rC3UQX3Rkt4qCaVl2HZ7fQLi
+oDcJb2KFuZczVl6NeoM
=0Q5f
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.