Hello community, here is the log from the commit of package vlc for openSUSE:Factory checked in at 2020-05-01 11:08:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vlc (Old) and /work/SRC/openSUSE:Factory/.vlc.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "vlc" Fri May 1 11:08:38 2020 rev:106 rq:798989 version:3.0.10 Changes: -------- --- /work/SRC/openSUSE:Factory/vlc/vlc.changes 2020-04-18 00:30:21.938044263 +0200 +++ /work/SRC/openSUSE:Factory/.vlc.new.2738/vlc.changes 2020-05-01 11:09:01.955283674 +0200 @@ -1,0 +2,6 @@ +Wed Apr 29 14:14:21 UTC 2020 - Dominique Leuenberger <[email protected]> + +- Update to version 3.0.10: + + Misc: Update Twitch & VLSub scripts. + +------------------------------------------------------------------- @@ -144,0 +151,14 @@ + + Security fixes included: + * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) + * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) + * Fix a read buffer overflow in the FAAD decoder + * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) + * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) + * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) + * Fix a use after free in the ASF demuxer (CVE-2019-14533) + * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) + * Fix a null dereference in the dvdnav demuxer + * Fix a null dereference in the ASF demuxer (CVE-2019-14534) + * Fix a null dereference in the AVI demuxer + * Fix a division by zero in the CAF demuxer (CVE-2019-14498) + * Fix a division by zero in the ASF demuxer (CVE-2019-14535) Old: ---- vlc-3.0.9.2.tar.xz vlc-3.0.9.2.tar.xz.asc New: ---- vlc-3.0.10.tar.xz vlc-3.0.10.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vlc.spec ++++++ --- /var/tmp/diff_new_pack.FSEWvC/_old 2020-05-01 11:09:03.443286910 +0200 +++ /var/tmp/diff_new_pack.FSEWvC/_new 2020-05-01 11:09:03.443286910 +0200 @@ -33,7 +33,7 @@ %bcond_with faad %bcond_with fdk_aac Name: vlc -Version: 3.0.9.2 +Version: 3.0.10 Release: 0 Summary: Graphical media player License: GPL-2.0-or-later AND LGPL-2.1-or-later ++++++ vlc-3.0.9.2.tar.xz -> vlc-3.0.10.tar.xz ++++++ /work/SRC/openSUSE:Factory/vlc/vlc-3.0.9.2.tar.xz /work/SRC/openSUSE:Factory/.vlc.new.2738/vlc-3.0.10.tar.xz differ: char 26, line 1
