2.5 Addendum


Monday, October 20, 2008

Since the vulnerability was fixed and a new version of VLC is now available, I released a detailed security advisory on my website (Figure 2-10 shows the timeline).[21] The bug was assigned CVE-2008-4654.


According to the documentation provided by MITRE,[22] Common Vulnerabilities and Exposures Identifiers (also called CVE names, CVE numbers, CVE-IDs, and CVEs) are “unique, common identifiers for publicly known information security vulnerabilities.”

Timeline of the vulnerability

Figure 2-10. Timeline of the vulnerability


Monday, January 5, 2009

In reaction to the bug and my detailed advisory, I got a lot of mail with various questions ...

Get A Bug Hunter's Diary now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.