Ubuntu
vlc package

  1. Bug #1693893
  2. Comment #12

Comment 12 for bug 1693893

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.3

---------------
vlc (2.1.6-0ubuntu14.04.3) trusty-security; urgency=high

  * SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893)
    - fix-CVE-2016-5108.patch
    - CVE-2016-5108
  * SECURITY UPDATE: Fix potential out of bound reads
    - fix-CVE-2017-8310.patch
    - CVE-2017-8310
  * SECURITY UPDATE: Fix invalid double increment
    - fix-CVE-2017-8311.patch
    - CVE-2017-8311
  * SECURITY UPDATE: Fix potential heap buffer overflow
    - fix-CVE-2017-8312.patch
    - CVE-2017-8312
  * SECURITY UPDATE: ParseJSS: fix out-of-bounds read
    - fix-CVE-2017-8313.patch
    - CVE-2017-8313

 -- Simon Quigley <email address hidden> Mon, 10 Jul 2017 22:59:26 -0500