Bug#478140: vlc: CVE-2008-1768, CVE-2008-1769 multiple security issues

Nico Golde nion at debian.org
Sun Apr 27 13:42:24 UTC 2008


Package: vlc
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for vlc.


CVE-2008-1769[0]:
| VLC before 0.8.6f allow remote attackers to cause a denial of service
| (crash) via a crafted Cinepak file that triggers an out-of-bounds
| array access and memory corruption.

Patch:
http://trac.videolan.org/vlc/changeset/d7e6e4afcecea38831282152d6e7af9a62989985

CVE-2008-1768[1]:
| Multiple integer overflows in VLC before 0.8.6f allow remote attackers
| to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real
| demuxer, and (3) Cinepak codec, which triggers a buffer overflow.

The MP4 demuxer issue is already partly covered by #467652, 
please also use:
http://trac.videolan.org/vlc/changeset/3a6282755277ba9321d405c635e50da935d258a6 and
http://trac.videolan.org/vlc/changeset/edca13e259472872fdfd456cf3ef4a21d1262c11

Real demuxer patch:
http://trac.videolan.org/vlc/changeset/783ab03c7bd8ddedcd3dc5bad18efc70a4c57aaa

Cinepak integer overflow patch:
http://trac.videolan.org/vlc/changeset/18eb4fd5a75b6429d1d7058a8967696be701a00b

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1769
    http://security-tracker.debian.net/tracker/CVE-2008-1769
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1768
    http://security-tracker.debian.net/tracker/CVE-2008-1768

-- 
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.