Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Jul 2012 16:55:09 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: VLC / Asterisk

Hi,

Please assign CVE IDs:

1. heap-based buffer overflow in VLC's Ogg demuxer
Fixed in the VLC 2.0.2 release

Commit:
http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=16e9e126333fb7acb47d363366fee3deadc8331e

2. asterisk: Possible resource leak on uncompleted re-invite transactions
http://downloads.asterisk.org/pub/security/AST-2012-010.html

Cheers,
        Moritz

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.