Monday, October 20, 2008
Since the vulnerability was fixed and a new version of VLC is now available, I released a detailed security advisory on my website (Figure 2-10 shows the timeline). The bug was assigned CVE-2008-4654.
According to the documentation provided by MITRE, Common Vulnerabilities and Exposures Identifiers (also called CVE names, CVE numbers, CVE-IDs, and CVEs) are “unique, common identifiers for publicly known information security vulnerabilities.”
Figure 2-10. Timeline of the vulnerability
Monday, January 5, 2009
In reaction to the bug and my detailed advisory, I got a lot of mail with various questions ...