[ubuntu/lucid-security] vlc, vlc_1.0.6-1ubuntu1.6_i386_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_sparc_translations.tar.gz (delayed), vlc_1.0.6-1ubuntu1.6_ia64_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_amd64_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_powerpc_translations.tar.gz, vlc_1.0.6-1ubuntu1.6_armel_translations.tar.gz 1.0.6-1ubuntu1.6 (Accepted)

Ubuntu Installer Thu, 14 Apr 2011 09:05:49 -0700

vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted width
    - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
      src/video_output/video_output.c.
    - CVE-2010-3275
    - CVE-2010-3276
  * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
    - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
      modules/demux/mp4/libmp4.c.
    - CVE-2011-1684


Date: Wed, 13 Apr 2011 23:27:23 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/vlc/1.0.6-1ubuntu1.6

Format: 1.8
Date: Wed, 13 Apr 2011 23:27:23 -0400
Source: vlc
Binary: vlc vlc-dbg vlc-nox libvlccore2 libvlc2 libvlccore-dev libvlc-dev 
vlc-plugin-sdl vlc-plugin-ggi mozilla-plugin-vlc vlc-plugin-svgalib 
vlc-plugin-jack vlc-plugin-pulse vlc-plugin-svg vlc-data
Architecture: source
Version: 1.0.6-1ubuntu1.6
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 libvlc-dev - development files for libvlc
 libvlc2    - multimedia player and streamer library
 libvlccore-dev - development files for libvlccore
 libvlccore2 - base library for VLC and its modules
 mozilla-plugin-vlc - multimedia plugin for web browsers based on VLC
 vlc        - multimedia player and streamer
 vlc-data   - Common data for VLC
 vlc-dbg    - debugging symbols for vlc
 vlc-nox    - multimedia player and streamer (without X support)
 vlc-plugin-ggi - GGI video output plugin for VLC
 vlc-plugin-jack - Jack audio plugins for VLC
 vlc-plugin-pulse - PulseAudio plugin for VLC
 vlc-plugin-sdl - SDL video and audio output plugin for VLC
 vlc-plugin-svg - SVG plugin for VLC
 vlc-plugin-svgalib - SVGAlib video output plugin for VLC
Launchpad-Bugs-Fixed: 756368
Changes: 
 vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via crafted width
     - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
       src/video_output/video_output.c.
     - CVE-2010-3275
     - CVE-2010-3276
   * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
     - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
       modules/demux/mp4/libmp4.c.
     - CVE-2011-1684
Checksums-Sha1: 
 72e1878cb4e756c7f148dcd07ed04424538f6275 4008 vlc_1.0.6-1ubuntu1.6.dsc
 7ad2cc55a4958e1f79e558041ee7749ac60c99fe 75928 vlc_1.0.6-1ubuntu1.6.diff.gz
Checksums-Sha256: 
 f71d9194494d83052976cc07e54933af56d79db8ef82a3e159c16423db061a6e 4008 
vlc_1.0.6-1ubuntu1.6.dsc
 6ad89ace4034080b3f2468a328a004a121ff601547059f303f27d7f39be5d66e 75928 
vlc_1.0.6-1ubuntu1.6.diff.gz
Files: 
 7212880abdbbd19b6fd58ac0ba6b85c6 4008 video optional vlc_1.0.6-1ubuntu1.6.dsc
 28b143aa5072b5f98d9665ffca8af44c 75928 video optional 
vlc_1.0.6-1ubuntu1.6.diff.gz
Original-Maintainer: Debian multimedia packages maintainers 
<pkg-multimedia-maintain...@lists.alioth.debian.org>

-- 
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

Reply via email to