Re: List of RC-buggy source packages by maintainer/uploader
Hi Reinhard,
* Reinhard Tartler <siretart@debian.org> [2008-10-07 13:09]:
> Lucas Nussbaum <lucas@lucas-nussbaum.net> writes:
>
> > Reinhard Tartler <siretart@tauware.de>
> > xine-lib (#498243)
>
> Needs help. That report is a security report from ocert. The full report
> can be seen here: http://www.ocert.org/analysis/2008-008/analysis.txt
>
> all fixes from 1.1.15 are backported to debian's 1.1.14 package already,
> what is missing are issues 3A-3G.
Can you make the patch available somewhere? Last time I
looked at the there were some fixes in the code that didn't
actually fix the vulnerability.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Reply to: