This bug was fixed in the package vlc - 2.2.6-3 Sponsored for Simon Quigley (tsimonq2)
--------------- vlc (2.2.6-3) unstable; urgency=medium [ Mateusz Ĺukasik ] * debian/patches: avcodec: Check visible sizes (CVE-2017-10699). [ Sebastian Ramacher ] * debian/patches: flac: Fix heap write overflow on frame format change. (CVE-2017-9300) -- Sebastian Ramacher <sramac...@debian.org> Tue, 11 Jul 2017 21:35:32 +0200 ** Changed in: vlc (Ubuntu) Status: New => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-10699 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9300 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1703754 Title: Force sync vlc 2.2.6-3 from Debian Sid To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1703754/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs