[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: List of RC-buggy source packages by maintainer/uploader

Hi Reinhard,
* Reinhard Tartler <siretart@debian.org> [2008-10-07 13:09]:
> Lucas Nussbaum <lucas@lucas-nussbaum.net> writes:
> > Reinhard Tartler <siretart@tauware.de>
> >    xine-lib (#498243)
> Needs help. That report is a security report from ocert. The full report
> can be seen here: http://www.ocert.org/analysis/2008-008/analysis.txt
> all fixes from 1.1.15 are backported to debian's 1.1.14 package already,
> what is missing are issues 3A-3G.

Can you make the patch available somewhere? Last time I 
looked at the there were some fixes in the code that didn't 
actually fix the vulnerability.

Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Reply to: