Bug#825728: vlc: CVE-2016-5108

Salvatore Bonaccorso carnil at debian.org
Sun May 29 10:02:57 UTC 2016

Source: vlc
Version: 2.2.3-1
Severity: important
Tags: security upstream patch


the following vulnerability was published for vlc.

crash and potential code execution when processing QuickTime IMA files

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-5108
[1] http://www.openwall.com/lists/oss-security/2016/05/27/3
[2] https://git.videolan.org/?p=vlc.git;a=commit;h=458ed62bbeb9d1bddf7b8df104e14936408a3db9

Please adjust the affected versions in the BTS as needed.


More information about the pkg-multimedia-maintainers mailing list