Bug#775866: vlc: multiple vulnerabilities
Moritz Muehlenhoff
jmm at inutil.org
Wed Jan 21 08:22:02 UTC 2015
On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote:
> Source: vlc
> Version: 2.1.5-1
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
>
> multiple vulnerabilities were reported against vlc 2.1.5. The complete
> mail is at http://seclists.org/oss-sec/2015/q1/187 but at least the
> following vulnerabilities are fixed in vlc master branch:
>
> * Buffer overflow in updater:
> https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
The Debian package builds with --no-update-check, so it's not affected
by that one.
Cheers,
Moritz
More information about the pkg-multimedia-maintainers
mailing list