CVE-2013-1868
Benjamin Drung
bdrung at debian.org
Wed Mar 20 11:37:05 UTC 2013
Am Mittwoch, den 20.03.2013, 11:23 +0200 schrieb Henri Salo:
> Hello,
>
> Could you check if Debian packages of VLC are affected of CVE-2013-1868, thank you.
VLC 2.0.3-5 from testing is (probably) affected and VLC 2.0.5-1 from
unstable is not affected.
> References:
> https://security-tracker.debian.org/tracker/CVE-2013-1868
> http://www.openwall.com/lists/oss-security/2013/03/17/1
> http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=9b0414dc7f5c18ff2951175cf076779c444efd70
This git commit is not the correct commit.
> http://www.videolan.org/security/sa1301.html
>
> I can submit bug if needed. At least I can't find that file, which was changed.
I would appreciate a bug report with an attached and tested patch.
--
Benjamin Drung
Debian & Ubuntu Developer
More information about the pkg-multimedia-maintainers
mailing list