[Bug 307239] [NEW] Please backport vlc to 0.9.8a in Intrepid

Bartosz gang65 at poczta.onet.pl
Thu Dec 11 18:01:34 GMT 2008 

*** This bug is a security vulnerability ***

Public security bug reported:

Please backport vlc to 0.9.8a in Intrepid.
This is very important security upgrade.

vlc (0.9.8a-1ubuntu1) jaunty; urgency=low

  * merge from debian. LP: #300328, #305100, #289263
  * Fixes CVE-2008-5276
  * remaining changes
    - build against libxul-dev instead of iceape-dev
    - build against libdca-dev, libass-dev and libx264-dev
    - build against and install libx264 plugin
    - adjust Vcs-Bzr Headers in debian/control
    - add Xb-Npp header to vlc package
    - debian/patches/301_DVD_media.diff: Change %U to %f
       in VLC .desktop file, cf LP #275043

https://launchpad.net/ubuntu/jaunty/+source/vlc/0.9.8a-1ubuntu1
http://www.videolan.org/security/

** Affects: intrepid-backports
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5276

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5036

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5032

** Description changed:

  Please backport vlc to 0.9.8a in Intrepid.
  This is very important security upgrade.
  
  vlc (0.9.8a-1ubuntu1) jaunty; urgency=low
  
    * merge from debian. LP: #300328, #305100, #289263
    * Fixes CVE-2008-5276
    * remaining changes
      - build against libxul-dev instead of iceape-dev
      - build against libdca-dev, libass-dev and libx264-dev
      - build against and install libx264 plugin
      - adjust Vcs-Bzr Headers in debian/control
      - add Xb-Npp header to vlc package
      - debian/patches/301_DVD_media.diff: Change %U to %f
         in VLC .desktop file, cf LP #275043
+ 
+ https://launchpad.net/ubuntu/jaunty/+source/vlc/0.9.8a-1ubuntu1
+ http://www.videolan.org/security/

** Visibility changed to: Public

-- 
Please backport vlc to 0.9.8a in Intrepid
https://bugs.launchpad.net/bugs/307239
You received this bug notification because you are a member of Ubuntu
Backporters, which is a direct subscriber.

More information about the ubuntu-backports mailing list