[ubuntu/trusty-security] vlc 2.1.6-0ubuntu14.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue May 3 18:35:48 UTC 2016


vlc (2.1.6-0ubuntu14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted FLV file
    - debian/patches/CVE-2014-9597.patch: properly handle ref count in
      src/misc/picture_pool.c.
    - CVE-2014-9597
  * SECURITY UPDATE: XSS in web interface
    - debian/patches/CVE-2014-9743.patch: fix XSS in src/network/httpd.c.
    - CVE-2014-9743
  * SECURITY UPDATE: denial of service via crafted wav file (LP: #1533633)
    - debian/patches/CVE-2016-3941.patch: seek across eof correctly in
      src/input/stream.c.
    - CVE-2016-3941

Date: 2016-05-03 00:47:21.304387+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/vlc/2.1.6-0ubuntu14.04.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list