[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0402131737550.3461-100000@xiongmao.otago.ac.nz>
Date: Fri, 13 Feb 2004 17:42:06 +1300 (NZDT)
From: Simon Brady <simon.brady@...go.ac.nz>
To: bugtraq@...urityfocus.com
Subject: Re: Scope of latest RealPlayer vuln
On Wed, 11 Feb 2004, I wrote:
> The Real Security Update notice at
>
> http://service.real.com/help/faq/security/040123_player/EN/
>
> gives a download URL for the English RealPlayer v2 (build 6.0.11.872) and
> instructs users of localised v2 players to use the Check for Updates menu
> option in the product.
> [...]
> Does anyone (NGSS?) have a list of precisely which versions are and aren't
> vulnerable? IMAO the Real notice is hopelessly vague on this.
The nice people at Real customer support have since provided the following
details:
"Please note that only the latest version of RealOne Player 6.0.11.872
and the RealPlayer 10 version 6.0.12.690 has the security patch
integrated in it."
--
Simon Brady mailto:simon.brady@...go.ac.nz
ITS Technical Services
University of Otago, Dunedin, New Zealand
Powered by blists - more mailing lists