vlc: buffer overflow in TY demux
Bug #285922 reported by Rémi Denis-Courmont
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
vlc (Debian) | Fix Released | Unknown | |
vlc (Ubuntu) | Fix Released | Undecided | Unassigned |
Bug Description
Binary package hint: vlc
VLC 0.8.2-0.9.4 are subject to an exploitable buffer overflow in the TY (TiVo) demux. See http://
Attached patch against VLC 0.9.*
Changed in vlc: status: Unknown → Confirmed
Changed in vlc: status: New → Confirmed
Changed in vlc (Debian): status: Confirmed → Fix Released
This bug was fixed in the package vlc - 0.9.4-1ubuntu3.2
---------------
vlc (0.9.4-1ubuntu3.2) intrepid-security; urgency=low

  * SECURITY UPDATE: Arbitrary code execution via stack-based overflow in
    the Ty demux plugin (LP: #285922)
    - debian/patches/901_CVE-2008-4654.patch: don't overflow mst_buf in
      modules/demux/ty.c
    - CVE-2008-4654
  * SECURITY UPDATE: Arbitrary code execution via integer overflows in
    the Ty demux plugin (LP: #285922)
    - debian/patches/902_CVE-2008-4686.patch: make some variables unsigned
      in modules/demux/ty.c so they don't overflow.
    - CVE-2008-4686
  * SECURITY UPDATE: Arbitrary code execution via stack-based buffer
    overflow via invalid RealText subtitle file.
    - debian/patches/903_CVE-2008-5036.patch: limit sscanf sizes in
      modules/demux/subtitle.c
    - CVE-2008-5036
  * SECURITY UPDATE: Arbitrary code execution via heap-based buffer
    overflow via malformed RealMedia file.
    - debian/patches/904_CVE-2008-5276.patch: replace malloc with calloc in
      modules/demux/real.c
    - CVE-2008-5276
  * SECURITY UPDATE: Denial of service via long input argument.
    - debian/patches/905_CVE-2009-1045.patch: make sure we can't overflow
      psz_dup in src/input/input.c
    - CVE-2009-1045

 -- Marc Deslauriers <email address hidden>  Sun, 28 Jun 2009 12:13:15 -0400