VLC XSPF integer overflow
Bug #795410 reported by
Rémi Denis-Courmont
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
VLC media player |
Fix Released
|
Unknown
|
|||
vlc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Maverick |
Fix Released
|
Undecided
|
Unassigned | ||
Natty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: vlc
CVE References
visibility: | private → public |
Changed in vlc (Ubuntu): | |
status: | New → Confirmed |
Changed in vlc: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
This bug was fixed in the package vlc - 1.1.10-1ubuntu1
---------------
vlc (1.1.10-1ubuntu1) oneiric; urgency=low
* Merge from Debian unstable, remaining changes:
- build and install the libx264 plugin
vlc (1.1.10-1) unstable; urgency=high
[ Benjamin Drung ]
* New upstream release.
- Security: Fix XSPF integer overflow (CVE-2011-2194) (LP: #795410)
- Improve .desktop file:
- Add smb as supported protocol (Closes: #622879, LP: #737192)
- add video/webm to supported MIME formats (LP: #769463)
- Fix libdvdread errors while playing ogg files (Closes: #622935)
- Support three channels in pulseaudio output plugin (LP: 743478)
- PulseAudio output re-written due to unstability of the current one
(LP: #743323)
- Fix crashes (LP: #754497, #785979)
- Qt: allow drag and drop of any URL, not just a local file (LP: #664030)
- Fix libvlcplugin.so: undefined symbol: NPP_Initialize (LP: #722690)
* Refresh patches.
* Drop as-needed patch due to autoreconf run.
* Backport PulseAudio build fix.
* Add GNOME MIME types for Ogg Vorbis and Ogg Theora (Closes: #629619).
* Mention potcast support in package description (Closes: #488771).
[ Reinhard Tartler ]
* run autoreconf on the buildds
* Weaken dependencies on libschroedinger
-- Benjamin Drung <email address hidden> Sat, 11 Jun 2011 19:56:27 +0200