Ubuntu
vlc package

  1. Bug #195949
  2. Comment #9

Comment 9 for bug 195949

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 0.8.6.release.d-0ubuntu4

---------------
vlc (0.8.6.release.d-0ubuntu4) hardy; urgency=low

  [ Emanuele Gentili ]
  * SECURITY UPDATE:
    - debian/patches/021_CVE-2008-0984.diff (LP: #195949)
     + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer) suffers
       from an arbitrary memory overwrite vulnerability when using crash the player
       instance.

  * References
    - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0984
    - http://www.videolan.org/security/sa0802.html

  [ Mario Limonciello ]
  * debian/control:
    - Build debian on libxul-dev instead of firefox-dev
  * debian/rules:
    - Use xulrunner-config rather than firefox-config (LP: #194907)

 -- Emanuele Gentili <email address hidden> Wed, 27 Feb 2008 00:33:06 +0100