2.5 Addendum

Note

Monday, October 20, 2008

Since the vulnerability was fixed and a new version of VLC is now available, I released a detailed security advisory on my website (Figure 2-10 shows the timeline).[21] The bug was assigned CVE-2008-4654.

Note

According to the documentation provided by MITRE,[22] Common Vulnerabilities and Exposures Identifiers (also called CVE names, CVE numbers, CVE-IDs, and CVEs) are “unique, common identifiers for publicly known information security vulnerabilities.”

Timeline of the vulnerability

Figure 2-10. Timeline of the vulnerability

Note

Monday, January 5, 2009

In reaction to the bug and my detailed advisory, I got a lot of mail with various questions ...

Get A Bug Hunter's Diary now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.