* Christian Marillat: >>>> I don't know what zvbi-ntsc-cc does, so this might not be a security >>>> issue after all. Please investigate. Thanks! >>> >>> What to do with this bug report ? CVE is still a canditate after more >>> than 2 months. >> >> This doesn't mean anything, as I tried to explain in my June 16 >> message: > > CVE expert are not able to decide if this "vulnerability" is one or > not ?
CVE only catalogs publicly available information. They do not reverse-engineer software to check if the reports are accurate. In general, this is difficult to do anyway because the source code, documentation or domain-specific knowledge is not readily available. So what does zvbi-ntsc-cc do? Does it process any data from untrusted sources? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
