This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.3
--------------- vlc (2.2.2-5ubuntu0.16.04.3) xenial-security; urgency=high
* SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893) - fix-CVE-2016-5108.patch - CVE-2016-5108 * SECURITY UPDATE: Crash due to Out-of-Bound Heap Memory Write - fix-CVE-2017-10699.patch - CVE-2017-10699 * SECURITY UPDATE: Fix potential out of bound reads - fix-CVE-2017-8310.patch - CVE-2017-8310 * SECURITY UPDATE: Fix invalid double increment - fix-CVE-2017-8311.patch - CVE-2017-8311 * SECURITY UPDATE: Fix potential heap buffer overflow - fix-CVE-2017-8312.patch - CVE-2017-8312 * SECURITY UPDATE: ParseJSS: fix out-of-bounds read - fix-CVE-2017-8313.patch - CVE-2017-8313
-- Simon Quigley <email address hidden> Fri, 07 Jul 2017 06:54:34 -0500
This bug was fixed in the package vlc - 2.2.2-5ubuntu0. 16.04.3
--------------- 5ubuntu0. 16.04.3) xenial-security; urgency=high
vlc (2.2.2-
* SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893) 2016-5108. patch 2017-10699. patch 2017-8310. patch 2017-8311. patch 2017-8312. patch 2017-8313. patch
- fix-CVE-
- CVE-2016-5108
* SECURITY UPDATE: Crash due to Out-of-Bound Heap Memory Write
- fix-CVE-
- CVE-2017-10699
* SECURITY UPDATE: Fix potential out of bound reads
- fix-CVE-
- CVE-2017-8310
* SECURITY UPDATE: Fix invalid double increment
- fix-CVE-
- CVE-2017-8311
* SECURITY UPDATE: Fix potential heap buffer overflow
- fix-CVE-
- CVE-2017-8312
* SECURITY UPDATE: ParseJSS: fix out-of-bounds read
- fix-CVE-
- CVE-2017-8313
-- Simon Quigley <email address hidden> Fri, 07 Jul 2017 06:54:34 -0500