Ubuntu
vlc package

Overview
Code
Bugs
Blueprints
Translations
Answers

Trusty (14.04)
Bug #1693893
Comment #8

Comment 8 for bug 1693893

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-07-10:

This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.3

---------------
vlc (2.2.2-5ubuntu0.16.04.3) xenial-security; urgency=high

  * SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893)
    - fix-CVE-2016-5108.patch
    - CVE-2016-5108
  * SECURITY UPDATE: Crash due to Out-of-Bound Heap Memory Write
    - fix-CVE-2017-10699.patch
    - CVE-2017-10699
  * SECURITY UPDATE: Fix potential out of bound reads
    - fix-CVE-2017-8310.patch
    - CVE-2017-8310
  * SECURITY UPDATE: Fix invalid double increment
    - fix-CVE-2017-8311.patch
    - CVE-2017-8311
  * SECURITY UPDATE: Fix potential heap buffer overflow
    - fix-CVE-2017-8312.patch
    - CVE-2017-8312
  * SECURITY UPDATE: ParseJSS: fix out-of-bounds read
    - fix-CVE-2017-8313.patch
    - CVE-2017-8313

-- Simon Quigley <email address hidden> Fri, 07 Jul 2017 06:54:34 -0500

Ubuntuvlc package

Comment 8 for bug 1693893

Ubuntu
vlc package