[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE request: VLC
From:       Laurent Butti <laurentb () gmail ! com>
Date:       2013-09-30 21:31:20
Message-ID: CA+e4TbdMu4LHbj8GU=xNdkF=97b2RZW0kmvsfDmnkZnKD7dEPA () mail ! gmail ! com
[Download RAW message or body]

Hi,

I have found a security issue in vlc 2.0.8 which was reported to VLC
team and fixed in both 2.0.9 and 2.1.0 (as "Fix buffer overflow in the
mp4a packetizer").

Here are the commit log and changelog:

* http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
* http://www.videolan.org/developers/vlc-branch/NEWS

Could a CVE be assigned?

Thanks,
Laurent Butti.
[prev in list] [next in list] [prev in thread] [next in thread]