Bug#775866: vlc: multiple vulnerabilities

Moritz Muehlenhoff jmm at inutil.org
Wed Jan 21 08:22:02 UTC 2015


On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote:
> Source: vlc
> Version: 2.1.5-1
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Hi,
> 
> multiple vulnerabilities were reported against vlc 2.1.5. The complete
> mail is at http://seclists.org/oss-sec/2015/q1/187 but at least the
> following vulnerabilities are fixed in vlc master branch:
> 
> * Buffer overflow in updater:
>   https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14

The Debian package builds with --no-update-check, so it's not affected
by that one.

Cheers,
        Moritz



More information about the pkg-multimedia-maintainers mailing list