[ubuntu/lucid-security] vlc, vlc_1.0.6-1ubuntu1.6_i386_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_sparc_translations.tar.gz (delayed), vlc_1.0.6-1ubuntu1.6_ia64_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_amd64_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_powerpc_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_armel_translations.tar.gz 1.0.6-1ubuntu1.6 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Apr 14 16:05:28 UTC 2011
vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted width
- debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
src/video_output/video_output.c.
- CVE-2010-3275
- CVE-2010-3276
* SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
- debian/patches/CVE-2011-1684.patch: fix buffer overflow in
modules/demux/mp4/libmp4.c.
- CVE-2011-1684
Date: Wed, 13 Apr 2011 23:27:23 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/vlc/1.0.6-1ubuntu1.6
-------------- next part --------------
Format: 1.8
Date: Wed, 13 Apr 2011 23:27:23 -0400
Source: vlc
Binary: vlc vlc-dbg vlc-nox libvlccore2 libvlc2 libvlccore-dev libvlc-dev vlc-plugin-sdl vlc-plugin-ggi mozilla-plugin-vlc vlc-plugin-svgalib vlc-plugin-jack vlc-plugin-pulse vlc-plugin-svg vlc-data
Architecture: source
Version: 1.0.6-1ubuntu1.6
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libvlc-dev - development files for libvlc
libvlc2 - multimedia player and streamer library
libvlccore-dev - development files for libvlccore
libvlccore2 - base library for VLC and its modules
mozilla-plugin-vlc - multimedia plugin for web browsers based on VLC
vlc - multimedia player and streamer
vlc-data - Common data for VLC
vlc-dbg - debugging symbols for vlc
vlc-nox - multimedia player and streamer (without X support)
vlc-plugin-ggi - GGI video output plugin for VLC
vlc-plugin-jack - Jack audio plugins for VLC
vlc-plugin-pulse - PulseAudio plugin for VLC
vlc-plugin-sdl - SDL video and audio output plugin for VLC
vlc-plugin-svg - SVG plugin for VLC
vlc-plugin-svgalib - SVGAlib video output plugin for VLC
Launchpad-Bugs-Fixed: 756368
Changes:
vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via crafted width
- debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
src/video_output/video_output.c.
- CVE-2010-3275
- CVE-2010-3276
* SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
- debian/patches/CVE-2011-1684.patch: fix buffer overflow in
modules/demux/mp4/libmp4.c.
- CVE-2011-1684
Checksums-Sha1:
72e1878cb4e756c7f148dcd07ed04424538f6275 4008 vlc_1.0.6-1ubuntu1.6.dsc
7ad2cc55a4958e1f79e558041ee7749ac60c99fe 75928 vlc_1.0.6-1ubuntu1.6.diff.gz
Checksums-Sha256:
f71d9194494d83052976cc07e54933af56d79db8ef82a3e159c16423db061a6e 4008 vlc_1.0.6-1ubuntu1.6.dsc
6ad89ace4034080b3f2468a328a004a121ff601547059f303f27d7f39be5d66e 75928 vlc_1.0.6-1ubuntu1.6.diff.gz
Files:
7212880abdbbd19b6fd58ac0ba6b85c6 4008 video optional vlc_1.0.6-1ubuntu1.6.dsc
28b143aa5072b5f98d9665ffca8af44c 75928 video optional vlc_1.0.6-1ubuntu1.6.diff.gz
Original-Maintainer: Debian multimedia packages maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
More information about the Lucid-changes
mailing list