Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 24 Aug 2008 15:31:09 +0300
From: Pınar Yanardağ <pinar@...dus.org.tr>
To: oss-security@...ts.openwall.com
Subject: Re: CVE id request: vlc

Nico Golde wrote On 24-08-2008 13:10:
> Hi,
> * Pinar Yanarda<pinar@...dus.org.tr>  [2008-08-24 11:23]:
>    
>> Nico Golde wrote On 24-08-2008 03:13:
>>      
>>> Hi,
>>> there seems to be a buffer overflow in videolans mms
>>> handling:
>>> http://www.orange-bat.com/adv/2008/adv.08.24.txt
>>>
>>>        
>> Btw, a vendor patch has been released:
>> http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488.html
>>      
>
> Wow that was fast, 4 hours after I notified them of the
> problem.
> Looks correct to me. Anyone else had a look at the patch?
>    

I was having some trouble to apply this patch but they updated it a 
couple of hours ago, which works fine now.

http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048504.html

Cheers,

-- 
Pınar Yanardağ
http://pinguar.org

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.