Force sync vlc 2.2.6-3 from Debian Sid
Bug #1703754 reported by
Simon Quigley
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| vlc (Ubuntu) |
Fix Released
|
Undecided
|
Simon Quigley | ||
Bug Description
Please force sync vlc 2.2.6-3 from Debian Sid.
The delta exists in the first place (created by me) to fix CVE-2017-10699, which was fixed in 2.2.6-3. Here's the full changelog:
vlc (2.2.6-3) unstable; urgency=medium
[ Mateusz Łukasik ]
* debian/patches: avcodec: Check visible sizes (CVE-2017-10699).
[ Sebastian Ramacher ]
* debian/patches: flac: Fix heap write overflow on frame format change.
(CVE-
The delta does not need to exist any more, so it can be force synced.
CVE References
| tags: | added: artful |
| Changed in vlc (Ubuntu): | |
| assignee: | nobody → Simon Quigley (tsimonq2) |
| tags: | added: upgrade-software-version |
Revision history for this message
| Mattia Rizzolo (mapreri) wrote | #1 |
| Changed in vlc (Ubuntu): | |
| status: | New → Fix Released |
To post a comment you must log in.
This bug was fixed in the package vlc - 2.2.6-3
Sponsored for Simon Quigley (tsimonq2)
---------------
vlc (2.2.6-3) unstable; urgency=medium
[ Mateusz Łukasik ]
* debian/patches: avcodec: Check visible sizes (CVE-2017-10699).
[ Sebastian Ramacher ]
* debian/patches: flac: Fix heap write overflow on frame format change.
(CVE-2017-9300)
-- Sebastian Ramacher <email address hidden> Tue, 11 Jul 2017 21:35:32 +0200