** Changed in: vlc (Ubuntu Lucid)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1084054
Title:
Denial of service via crafted PNG file
To manage notifications a
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1084054
Title:
Denial of service via crafted PNG file
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/v
This bug was fixed in the package vlc - 2.0.5-0ubuntu0.12.04.1
---
vlc (2.0.5-0ubuntu0.12.04.1) precise-security; urgency=low
* New bug-fixing upstream release.
- Fix hang caused by the notify plugin. (Closes: #662628, LP: #970447)
- Fix crashes (LP: #947156, #958462, #96002
Benjamin, thanks for alerting me to the provisional microrelease
exception (mre) for vlc:
https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions
I have submitted two new packages for building in -security, for 12.04
LTS and 12.10, that include the new upstream tarball and your
debian/
** Changed in: vlc (Ubuntu Precise)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1084054
Title:
Denial of service via crafted PNG file
To manage notificat
Benjamin, thanks for working on this issue.
However, the security-sponsors process is intended to get security fixes
into the stable releases; upgrading vlc in its entirety from 2.0.3 or
2.0.4 to 2.0.5, with all the other unrelated changes that are included,
would be better handled through the SRU
Please let me know if you want the source tarball in a different way
(the debdiff is too big for being useful). Here's the link to the fixed
additional security issue: http://www.videolan.org/security/sa1301.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
I have prepared 2.0.5 (which includes the additional security fix for
VideoLAN-SA-1301) for precise-security and quantal-security. You can get
the source tarballs via:
git clone -b precise git://git.debian.org/git/pkg-multimedia/vlc.git
cd vlc
uscan --force
git-buildpackage -S
The quantal packag
Based on the above comments, I've removed this SRU from -proposed.
** Changed in: vlc (Ubuntu Precise)
Status: Fix Committed => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1084054
Yes, it's the plan to get 2.0.4 into Ubuntu 12.04.
Due to your intervention, I think poking upstream to release 2.0.5 (and
getting this into precise) is the best solution.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.l
Is this a proposal to backport VLC 2.0.4 in LTS? PulseAudio support in
VLC 2.0.4 is BROKEN. Please do not do that.
If you want VLC 2.0.4 there, you really really really should add the
following patches (from vlc-2.0.git):
PulseAudio fixes:
http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commit;h=055
** Summary changed:
- Denial of service via crafter PNG file
+ Denial of service via crafted PNG file
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1084054
Title:
Denial of service via crafted PNG
Hello Marc, or anyone else affected,
Accepted vlc into precise-proposed. The package will build now and be
available at
http://launchpad.net/ubuntu/+source/vlc/2.0.4-0ubuntu0.12.04.1 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wik
13 matches
Mail list logo