[ubuntu/gutsy-security] vlc_0.8.6.release.c-0ubuntu5.2_i386_translations.tar.gz, vlc, vlc_0.8.6.release.c-0ubuntu5.2_lpia_translations.tar.gz, vlc_0.8.6.release.c-0ubuntu5.2_sparc_translations.tar.gz, vlc_0.8.6.release.c-0ubuntu5.2_amd64_translations.tar.gz, vlc_0.8.6.release.c-0ubuntu5.2_ia64_translations.tar.gz, vlc_0.8.6.release.c-0ubuntu5.2_powerpc_translations.tar.gz 0.8.6.release.c-0ubuntu5.2 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Sep 30 16:57:11 BST 2008
vlc (0.8.6.release.c-0ubuntu5.2) gutsy-security; urgency=low
* SECURITY UPDATE: (LP: #207284)
+ debian/patches/031_CVE-2008-1489.diff
- Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted MP4 RDRF box that triggers a
heap-based buffer overflow.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
+ http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a
Date: Tue, 01 Apr 2008 02:33:08 +0200
Changed-By: Emanuele Gentili <emgent at emanuele-gentili.com>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/gutsy/+source/vlc/0.8.6.release.c-0ubuntu5.2
-------------- next part --------------
Format: 1.7
Date: Tue, 01 Apr 2008 02:33:08 +0200
Source: vlc
Binary: libvlc0 libvlc0-dev mozilla-plugin-vlc vlc vlc-nox vlc-plugin-alsa vlc-plugin-arts vlc-plugin-esd vlc-plugin-ggi vlc-plugin-glide vlc-plugin-sdl vlc-plugin-svgalib wxvlc
Architecture: amd64_translations amd64 i386_translations i386 all ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc source sparc_translations sparc
Version: 0.8.6.release.c-0ubuntu5.2
Distribution: gutsy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Emanuele Gentili <emgent at emanuele-gentili.com>
Description:
libvlc0 - multimedia player and streamer library
libvlc0-dev - development files for VLC
mozilla-plugin-vlc - multimedia plugin for web browsers based on VLC
vlc - multimedia player and streamer
vlc-nox - multimedia player and streamer (without X support)
vlc-plugin-arts - aRts audio output plugin for VLC
vlc-plugin-esd - Esound audio output plugin for VLC
vlc-plugin-ggi - GGI video output plugin for VLC
vlc-plugin-sdl - SDL video and audio output plugin for VLC
vlc-plugin-alsa - dummy transitional package
vlc-plugin-glide - Glide video output plugin for VLC
vlc-plugin-svgalib - SVGAlib video output plugin for VLC
wxvlc - dummy transitional package
Changes:
vlc (0.8.6.release.c-0ubuntu5.2) gutsy-security; urgency=low
.
* SECURITY UPDATE: (LP: #207284)
+ debian/patches/031_CVE-2008-1489.diff
- Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted MP4 RDRF box that triggers a
heap-based buffer overflow.
.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
+ http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a
Files:
f69053c54a92fe458938e7cc597a72ab 4896385 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_amd64_translations.tar.gz
f33aaf8f1956cd126a3075e819730399 1175226 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_amd64.deb
2d1b572d88eaceec45ab14f124f9fb31 4703486 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_amd64.deb
2f74b8ee8df29b4e455ffeff6c180640 875606 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_amd64.deb
8be3b1bd490c50e2c0f57bd6e41b4537 20280 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_amd64.deb
d63c395c4439625280a3e83918b340b1 4608 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_amd64.deb
a0c897a27139812627a5c92c26019c52 11462 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_amd64.deb
5a67b14df5620f8afc8fab7fa0c6ccd5 6244 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_amd64.deb
45f9d3fa786e5f7997dc98d7538cbd7c 4292 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_amd64.deb
456ad7730ecf9fc8dc4f578712ff3d48 38482 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_amd64.deb
c52931328ef0fcce2c2394adbc7267f6 816 graphics optional vlc-plugin-alsa_0.8.6.release.c-0ubuntu5.2_all.deb
ba0bf801f8176536ca1f96eea91fedf3 810 graphics optional wxvlc_0.8.6.release.c-0ubuntu5.2_all.deb
55c679f64df6d733bf78b8cd46ce225e 4896402 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_i386_translations.tar.gz
9b4b10e17aca3e373897cef85dd630f0 1162232 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_i386.deb
8501f29267c3590a5f1b4e63ecd06edc 4671330 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_i386.deb
303b02d1b58a54c83e5334e4d4e0c01d 872796 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_i386.deb
e17f40d68c73a5af056f86d2a583a9b7 20258 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_i386.deb
42f804282f69a816e4e4a417117fce8f 4880 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_i386.deb
90c183bcb4afdb7150bc77628bf7cc74 10764 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_i386.deb
190635f1b9ebf9750e6e7ef4210d5832 5966 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_i386.deb
015ac9c3cdc5f87cc9beeacd44052add 4190 graphics optional vlc-plugin-glide_0.8.6.release.c-0ubuntu5.2_i386.deb
d9aab5b9a05ac14924f181c6b381d327 4140 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_i386.deb
70fd69333b2dae80bb903bd56450733f 37970 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_i386.deb
28252565a08378f019d1167c1ed3decd 4600 graphics optional vlc-plugin-svgalib_0.8.6.release.c-0ubuntu5.2_i386.deb
494a7c4425167a655fe7a0e78c7cf144 4896343 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_ia64_translations.tar.gz
c48eb62bc17a7beb2e112f99513ca36c 1591342 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_ia64.deb
08c022a754c363c66cc4424fdbf26a6b 5895770 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_ia64.deb
526b344735d7114fb40084ac5f3aa4c8 1375972 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_ia64.deb
1b01c8ac16e9caf3f1ab1f44ba658efb 20214 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_ia64.deb
4c2cf1fdea88fe4bd3d34d1989bac4c2 6272 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_ia64.deb
039ed6592c0f548fa9dd4a5f9e654e17 17210 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_ia64.deb
d6147efecd4098a17b3fa689fc21584f 9166 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_ia64.deb
f7fa88f838ed6b5c28b559d0b85c645f 5542 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_ia64.deb
57a460de17f9681bb6390d4c0142fa87 51036 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_ia64.deb
e519c20d72ddfea2319145bd5cbbb891 1149116 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_lpia.deb
55946e251d60ee4376de0d43dff3ec36 4689258 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_lpia.deb
d1bb3558f8fca9a39935e2cf16999ba1 894258 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_lpia.deb
223747f975720fbd98f04ee266659e73 20266 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_lpia.deb
e1a1338b640afa0c9e6998d585d861e2 4854 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_lpia.deb
aae57d08becb61b9073f118b083129b1 10910 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_lpia.deb
10f2af5e249adf4ee835c7c9c3e28887 6034 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_lpia.deb
1a85c104d8e748cfc2ffc3294574318b 4080 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_lpia.deb
3464ad30fb22fa9f843b9c27464b6b89 38330 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_lpia.deb
75e4cbbdf0e78ed5bf866f65bd266048 7165908 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_lpia_translations.tar.gz
adee25d76896a6855d5a80f837b800e4 4896419 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_powerpc_translations.tar.gz
3ff2b540b3ebb52fcb951744a0e6980b 1248582 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_powerpc.deb
c600bdab3562ba0e26b400f9dc273130 5203066 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_powerpc.deb
87102e5850fdc19031e93919c321967b 962548 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_powerpc.deb
905c497cd588595b247f3f6cc0fd7f66 20268 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_powerpc.deb
98dbe1720a90ca917b0c58ffc10d3e6f 7644 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_powerpc.deb
bcff63b33a1c0bda4531bb4cccec0db4 14718 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_powerpc.deb
016e22e4a8c61872d27c21a6769fc3f7 8960 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_powerpc.deb
194e9b97345d9af1d85854d2290e2082 6390 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_powerpc.deb
55dd472de0c1082c4dc2a5619c2cbf5c 41778 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_powerpc.deb
0a8c1e6f0d5967712e280e5c7cf0cc6e 2157 graphics optional vlc_0.8.6.release.c-0ubuntu5.2.dsc
8bab2604b4b0667b1f90ea15fb10c8a9 35770 graphics optional vlc_0.8.6.release.c-0ubuntu5.2.diff.gz
e2c012d05e5b0f4b11c940745400231e 4896416 raw-translations - vlc_0.8.6.release.c-0ubuntu5.2_sparc_translations.tar.gz
85007169be6da61dd5acfbeb70198ca0 1189932 graphics optional vlc_0.8.6.release.c-0ubuntu5.2_sparc.deb
27d38aa7713a0c3a5fe9e8759babc357 4675744 net optional vlc-nox_0.8.6.release.c-0ubuntu5.2_sparc.deb
e4ca13969372ccd22c559462ca84aadc 870622 libs optional libvlc0_0.8.6.release.c-0ubuntu5.2_sparc.deb
bbfd199f0b4e2a46afd0a071e12cebb3 20224 libdevel optional libvlc0-dev_0.8.6.release.c-0ubuntu5.2_sparc.deb
8ece6946181d928a7ee841f10ea7186a 4848 graphics optional vlc-plugin-esd_0.8.6.release.c-0ubuntu5.2_sparc.deb
89f90181b3d76e4ac26d74f0a0f3767c 10492 graphics optional vlc-plugin-sdl_0.8.6.release.c-0ubuntu5.2_sparc.deb
9b918871b441a6c0b03303a0a34365eb 5932 graphics optional vlc-plugin-ggi_0.8.6.release.c-0ubuntu5.2_sparc.deb
49158892e64446bcfff087b8835a2cb6 4034 graphics optional vlc-plugin-arts_0.8.6.release.c-0ubuntu5.2_sparc.deb
0c86982e10465577b3c8f8a091095e0b 34736 graphics optional mozilla-plugin-vlc_0.8.6.release.c-0ubuntu5.2_sparc.deb
Launchpad-Bugs-Fixed: 207284
Original-Maintainer: Sam Hocevar (Debian packages) <sam+deb at zoy.org>
More information about the gutsy-changes
mailing list