Ubuntu
vlc package

  1. Bug #195949
  2. Comment #15

Comment 15 for bug 195949

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

vlc (0.8.6-svn20061012.debian-1ubuntu1.2) edgy-security; urgency=low

  * SECURITY UPDATE:
    - debian/patches/CVE-2008-0984.patch (LP: #195949)
     + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
       suffers from an arbitrary memory overwrite vulnerability when using
       crash the player instance.

  * References
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
    - http://www.videolan.org/security/sa0802.html

 -- Emanuele Gentili <email address hidden> Tue, 11 Mar 2008 20:25:38 +0100