[ubuntu/precise-updates] vlc 2.0.3-0ubuntu0.12.04.1 (Accepted)
Brian Murray
brian at ubuntu.com
Thu Aug 2 21:17:09 UTC 2012
vlc (2.0.3-0ubuntu0.12.04.1) precise-security; urgency=low
* New bug-fixing upstream release (LP: #1025713).
* SECURITY UPDATE: Heap-based buffer overflow in the Ogg_DecodePacket function
in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before
2.0.2 allows remote attackers to cause a denial of service (application
crash) and possibly execute arbitrary code via a crafted OGG file.
- CVE-2012-3377
Date: 2012-07-24 22:35:40.396049+00:00
Changed-By: Benjamin Drung <bdrung at debian.org>
Signed-By: Brian Murray <brian at ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/vlc/2.0.3-0ubuntu0.12.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list