Heap overflow in MP4 demuxer

Bug #756368 reported by Rémi Denis-Courmont on 2011-04-10
268
This bug affects 2 people
Affects Status Importance Assigned to Milestone
VLC media player
Fix Released
Critical
Rémi Denis-Courmont
Nominated for 1.1 by Rémi Denis-Courmont
Nominated for 2.0 by Rémi Denis-Courmont
1.0-bugfix
Fix Released
Undecided
Unassigned
vlc (Ubuntu)
Undecided
Unassigned
Lucid
Undecided
Unassigned
Maverick
Undecided
Unassigned
visibility: private → public
Changed in vlc:
milestone: none → 1.1.9
importance: Undecided → Critical
assignee: nobody → Rémi Denis-Courmont (rdenis)
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 1.1.4-1ubuntu1.5

---------------
vlc (1.1.4-1ubuntu1.5) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted width
    - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
      src/video_output/video_output.c.
    - CVE-2010-3275
    - CVE-2010-3276
  * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
    - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
      modules/demux/mp4/libmp4.c.
    - CVE-2011-1684
 -- Marc Deslauriers <email address hidden> Wed, 13 Apr 2011 23:21:01 -0400

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 1.0.6-1ubuntu1.6

---------------
vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted width
    - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
      src/video_output/video_output.c.
    - CVE-2010-3275
    - CVE-2010-3276
  * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
    - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
      modules/demux/mp4/libmp4.c.
    - CVE-2011-1684
 -- Marc Deslauriers <email address hidden> Wed, 13 Apr 2011 23:27:23 -0400

Changed in vlc (Ubuntu Lucid):
status: New → Fix Released
Changed in vlc (Ubuntu Maverick):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 1.1.9-1ubuntu1

---------------
vlc (1.1.9-1ubuntu1) natty; urgency=low

  * Merge from Debian unstable (LP: #760510), remaining changes:
    - build and install the libx264 plugin

vlc (1.1.9-1) unstable; urgency=medium

  * New upstream release.
    - Fix heap corruption in MP4 demuxer (LP: #756368).
    - Fix fullscreen controller has no background in KDE4 (LP: #661020).
  * Refresh patches and drop backported VideoLAN-SA-1103.patch.
  * Adjust the vlc lintian-overrides for the latest lintian version.

vlc (1.1.8-3) unstable; urgency=medium

  * Fix heap corruption in MP4 demuxer
    - VideoLAN-SA-1103
    - Thanks to Rémi Denis-Courmont
  * Set urgency to medium
  * Set policy to 3.9.2 (no change needed)
 -- Benjamin Drung <email address hidden> Thu, 14 Apr 2011 11:51:25 +0200

Changed in vlc (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Duplicates of this bug

Other bug subscribers