diff options
author | simon <simon@FreeBSD.org> | 2007-06-08 02:34:14 +0800 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2007-06-08 02:34:14 +0800 |
commit | 075e209823927b2e1b1d2317ce91809cccf6982b (patch) | |
tree | 7d285535a856bae74cdc9aea63ed48105bebd948 /security/vuxml | |
parent | 54bb4016c3e6cec9b7fe21d6730f54e339413f9c (diff) | |
download | freebsd-ports-gnome-075e209823927b2e1b1d2317ce91809cccf6982b.tar.gz freebsd-ports-gnome-075e209823927b2e1b1d2317ce91809cccf6982b.tar.zst freebsd-ports-gnome-075e209823927b2e1b1d2317ce91809cccf6982b.zip |
- The fixed mplayer version number is 0.99.10_10, mark it as such. [1]
- Add older mplayer package names.
- Break long lines.
Noticed by: Henrik Brix Andersen <henrik@brixandersen.dk>
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 1e5cea101ec5..4fa368ce2e2e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -39,19 +39,25 @@ Note: Please add new entries to the beginning of this file. <affects> <package> <name>mplayer</name> - <range><lt>0.99.10_9</lt></range> + <name>mplayer-esound</name> + <name>mplayer-gtk</name> + <name>mplayer-gtk2</name> + <name>mplayer-gtk-esound</name> + <name>mplayer-gtk2-esound</name> + <range><lt>0.99.10_10</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Mplayer Team reports:</p> <blockquote cite="http://www.mplayerhq.hu/design7/news.html"> - <p>A stack overflow was found in the code used to handle cddb queries. - When copying the album title and category, no checking was performed - on the size of the strings before storing them in a fixed-size array. - A malicious entry in the database could trigger a stack overflow in - the program, leading to arbitrary code execution with the uid of the - user running MPlayer.</p> + <p>A stack overflow was found in the code used to handle + cddb queries. When copying the album title and category, + no checking was performed on the size of the strings + before storing them in a fixed-size array. A malicious + entry in the database could trigger a stack overflow in + the program, leading to arbitrary code execution with the + uid of the user running MPlayer.</p> </blockquote> </body> </description> |