Bug#775866: vlc: multiple vulnerabilities
Moritz Mühlenhoff
jmm at inutil.org
Mon Jan 26 12:49:26 UTC 2015
On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote:
> * The potential invalid writes in modules/services_discovery/sap.c and
> modules/access/ftp.c were not fixed as I did not provide a
> trigger. Note, that the code looks very similar to the confirmed bug
> in rtp_packetize_xiph_config, and so I leave it to you to decide
> whether you want to patch this.
These have been assigned CVE-2015-1202 and CVE-2015-1203, could you contact
upstream for the status of an upstream fix?
Cheers,
Moritz
More information about the pkg-multimedia-maintainers
mailing list