Ubuntu
vlc package

  1. Bug #1186780
  2. Comment #6

Comment 6 for bug 1186780

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.0.8-0ubuntu0.12.10.1

---------------
vlc (2.0.8-0ubuntu0.12.10.1) quantal-security; urgency=low

  * New bug-fixing upstream release (LP: #1186780).
  * SECURITY UPDATE: Denial of service (crash) and possibly execute arbitrary
    code via a crafted MKV file (disputed).
    - Improve resistance and checking against malformed MKV files.
    - CVE-2013-3245
  * SECURITY UPDATE: Two xss vulnerabilities.
    - CVE-2013-3565
  * SECURITY UPDATE: Buffer Overflow in ASF Demuxer.
    - CVE-2013-1954
    - VideoLAN-SA-1302
 -- Benjamin Drung <email address hidden> Thu, 01 Aug 2013 14:41:36 +0200