This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.4
---
vlc (2.1.6-0ubuntu14.04.4) trusty-security; urgency=medium
* SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300
-- Simon Quigley
This bug was fixed in the package vlc - 2.2.4-14ubuntu2.2
---
vlc (2.2.4-14ubuntu2.2) zesty-security; urgency=medium
* SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300
-- Simon Quigley Tue,
This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.4
---
vlc (2.2.2-5ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300
-- Simon Qui
ACK on the debdiffs, I've uploaded them for building as a security
update with a couple of minor changes:
- added upstream commit to patch
- changed unofficial url shortener link to launchpad bug link
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
Attached is a debdiff for Trusty applicable to 2.1.6-0ubuntu14.04.3. I
have tested this on a fresh Lubuntu 14.04 LTS install and it works fine.
** Patch added: "1-2.1.6-0ubuntu14.04.4.debdiff"
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930281/+files/1-2.1.6-0ubuntu
Attached is a debdiff for Xenial applicable to 2.2.2-5ubuntu0.16.04.3. I
have tested this on a fresh Lubuntu 16.04 LTS install and it works fine.
** Patch added: "1-2.2.2-5ubuntu0.16.04.4.debdiff"
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930220/+files/1-2.2.2-5ub