Your message dated Fri, 21 Aug 2015 06:50:18 +0000 with message-id <e1zsg9a-0006wq...@franck.debian.org> and subject line Bug#796255: fixed in vlc 2.2.1-3 has caused the Debian Bug report #796255, regarding vlc: CVE-2015-5949 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 796255: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796255 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: vlc Version: 2.2.0~rc2-2 Severity: grave Tags: security upstream patch fixed-upstream Justification: user security hole Control: fixed -1 2.2.0~rc2-2+deb8u1 Hi, the following vulnerability was published for vlc. CVE-2015-5949[0]: No description was found (try on a search engine) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-5949 [1] http://www.ocert.org/advisories/ocert-2015-009.html [2] https://lists.debian.org/debian-security-announce/2015/msg00241.html Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: vlc Source-Version: 2.2.1-3 We believe that the bug you reported is fixed in the latest version of vlc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 796...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Ramacher <sramac...@debian.org> (supplier of updated vlc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 21 Aug 2015 08:22:53 +0200 Source: vlc Binary: libvlc-dev libvlc5 libvlccore-dev libvlccore8 vlc vlc-data vlc-dbg vlc-nox vlc-plugin-fluidsynth vlc-plugin-jack vlc-plugin-notify vlc-plugin-sdl vlc-plugin-svg vlc-plugin-zvbi vlc-plugin-samba vlc-plugin-pulse Architecture: source all Version: 2.2.1-3 Distribution: unstable Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Sebastian Ramacher <sramac...@debian.org> Description: libvlc-dev - development files for libvlc libvlc5 - multimedia player and streamer library libvlccore-dev - development files for libvlccore libvlccore8 - base library for VLC and its modules vlc - multimedia player and streamer vlc-data - Common data for VLC vlc-dbg - debugging symbols for vlc vlc-nox - multimedia player and streamer (without X support) vlc-plugin-fluidsynth - FluidSynth plugin for VLC vlc-plugin-jack - Jack audio plugins for VLC vlc-plugin-notify - LibNotify plugin for VLC vlc-plugin-pulse - transitional dummy package for vlc vlc-plugin-samba - Samba plugin for VLC vlc-plugin-sdl - SDL video and audio output plugin for VLC vlc-plugin-svg - SVG plugin for VLC vlc-plugin-zvbi - VBI teletext plugin for VLC Closes: 796255 Changes: vlc (2.2.1-3) unstable; urgency=high . * debian/patches/demux-mp4-correctly-match-release-function.patch: Apply upstream patch to fix CVE-2015-5949. (Closes: #796255) Checksums-Sha1: e42b19ead6572eaaba436948047d9e6e55704028 5383 vlc_2.2.1-3.dsc 98b1ef70f44eb546bc9d86ee5b0b8faba3ef34fb 58968 vlc_2.2.1-3.debian.tar.xz 71c135c13092d7b599d3dadeab7eddc3fa65e40a 5404956 vlc-data_2.2.1-3_all.deb 7311454c43301b348c9aeee496b4dbb1deb0b501 860 vlc-plugin-pulse_2.2.1-3_all.deb Checksums-Sha256: 8dbd965bc794af5dd49afa41470ea5ead57c863601593f9783828428672d4d67 5383 vlc_2.2.1-3.dsc c184d9a7cee03b047d235bd388739accea8d77cd85da10252e0caa04b7418f43 58968 vlc_2.2.1-3.debian.tar.xz b1aac7e84261559c151ccbd632e6ca3ea088d5d9554f49980dc9b5bfb08edad9 5404956 vlc-data_2.2.1-3_all.deb f52d303256700b65f3510edec8831cdd4028da4caf5991108a808d2cb9bc5321 860 vlc-plugin-pulse_2.2.1-3_all.deb Files: 5010899a703c06dc124216b8d97f95e4 5383 video optional vlc_2.2.1-3.dsc d611ae7ac3ba135c847881f025f3866d 58968 video optional vlc_2.2.1-3.debian.tar.xz 500a9289863b889967ec1d8ac8237a53 5404956 video optional vlc-data_2.2.1-3_all.deb f4e4b593e068fbca1fc6b2fa45c1e512 860 video optional vlc-plugin-pulse_2.2.1-3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJV1sdNAAoJEGny/FFupxmTnuMP/Argpnyuu1ZmIZWvoALl7iMD aEi7ejs5Ni3diDCN7BiLjHJle35Pb0RLFjiZMuZgBeZHk9QxfDsMVD0v/GXz1yQI n1LOKyOxUdgqjcqMB81fSkynN9hbBNYvvOrYEicc/kYVySgpfN5OEtn4sTEeBuLu oISvaYyGEMrvSIKrH1GMqKbLOaAMYaz6yfwEP3vsm6ffxjGnEnwbFz+I0tSfzRMD bzuNrGFT6lZGuzYgih88wLvvkKCtPQU8iCRa3tVmp0ok2MpQ2CJMZhxCYQoaJ+xU uux6PLStXNKU1pAYRQQibOSZ9QAp/z9HLgEtwyfCzQjm1E969fUr6eEHAF1mOvf1 0iQo1/Hz05gkJ7XcfzgiD33DCez7JVLO1f/qnOTsk2Yqt35QWpUtA3IVUZBCDGcW CVbvMh4WxS+/R1oVvlI/qcllrdON3SSX+ZwsT6qPCPp/i+0zPk4EIBu5K154aiJw 0OQVFfrAQAhPKZpzuB5l7EhG2aocp5SK4bkMqgdFYy/inMWMGQZlxJvLNB7ZEQUy Ouu1UPX2JyAb1mOZXmaMa7NEXdye3nrQw9ACK3/k1SPN90ZmsqxxGJBS8IBCigVO WNUVDgneQzE9wsv5ij4Copzcylin2lG4d/sYf3qRoZq4fDfNsr4BIg/RQ7XYBkgX 2zmBcR7dvgmbzPHQmJdq =gGHS -----END PGP SIGNATURE-----
--- End Message ---
