[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
Thanks for the patch! Fix committed to security builds. ** Changed in: vlc (Ubuntu Hardy) Status: In Progress = Fix Committed -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
This bug was fixed in the package vlc - 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2 --- vlc (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2) hardy-security; urgency=low * SECURITY UPDATE: multiple denials of service and arbitrary code execution vulnerabilities. (LP: #262705) - debian/patches/040_CVE-2008-3732.diff: Fix TTA integer handling. Fixes arbitrary code execution. Patch from upstream git. - debian/patches/041_CVE-2008-3794.diff: Fix MMS integer handling. Fixes arbitrary code execution. Patch from upstream git. - References: + http://www.videolan.org/security/sa0807.html + CVE-2008-3732 + CVE-2008-3794 -- William Grant [EMAIL PROTECTED] Sun, 21 Sep 2008 14:00:25 +1000 ** Changed in: vlc (Ubuntu Hardy) Status: Fix Committed = Fix Released -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-3732 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-3794 -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
** Changed in: vlc (Ubuntu Hardy) Status: Triaged = In Progress -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
** Attachment added: hardy debdiff http://launchpadlibrarian.net/17787413/vlc_0.8.6.release.e%2Bx264svn20071224%2Bfaad2.6.1-0ubuntu3.2.debdiff -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
I've tested that it plays various things (including TTA and MMS streams), and the known exploits no longer crash it. -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
** This bug is no longer a duplicate of bug 270404 Please update VLC to 0.9.2 ** Changed in: vlc (Ubuntu Hardy) Importance: Undecided = High Assignee: (unassigned) = William Grant (wgrant) Status: New = Triaged ** Changed in: vlc (Ubuntu) Status: Triaged = Invalid ** Changed in: vlc (Ubuntu) Importance: High = Undecided Assignee: William Grant (wgrant) = (unassigned) -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 262705] Re: VLC: New upstream release (0.8.6i) for hardy
*** This bug is a duplicate of bug 270404 *** https://bugs.launchpad.net/bugs/270404 ** This bug has been marked a duplicate of bug 270404 Please update VLC to 0.9.2 -- VLC: New upstream release (0.8.6i) for hardy https://bugs.launchpad.net/bugs/262705 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs