** Changed in: dell-mini
Status: New => Confirmed
** Changed in: dell-mini
Assignee: (unassigned) => Nicolas Valcárcel (nxvl) (nvalcarcel)
--
Please sync security vulnerability patches in dell-mini version of VLC from
mainstream hardy
https://bugs.launchpad.net/bugs/325504
You received this bug notification because you are a member of OEM
Services QA, which is subscribed to The Dell Mini Project.
Status in Dell Inspiron Mini with Custom Dell UI: Confirmed
Bug description:
Mainstream hardy-updates has a set of patches for vlc to fix several security
vulnerabilities (see below, changelog). Current version in dell-mini
repositories: 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1
vlc (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2) hardy-security;
urgency=low
* SECURITY UPDATE: multiple denials of service and arbitrary code execution
vulnerabilities. (LP: #262705)
- debian/patches/040_CVE-2008-3732.diff: Fix TTA integer handling. Fixes
arbitrary code execution. Patch from upstream git.
- debian/patches/041_CVE-2008-3794.diff: Fix MMS integer handling. Fixes
arbitrary code execution. Patch from upstream git.
- References:
+ http://www.videolan.org/security/sa0807.html
+ CVE-2008-3732
+ CVE-2008-3794
-- William Grant <[email protected]> Sun, 21 Sep 2008 14:00:25 +1000
_______________________________________________
Mailing list: https://launchpad.net/~oem-qa
Post to : [email protected]
Unsubscribe : https://launchpad.net/~oem-qa
More help : https://help.launchpad.net/ListHelp
