[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Launchpad Bug Tracker]

This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.4

---
vlc (2.1.6-0ubuntu14.04.4) trusty-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300

 -- Simon Quigley   Tue, 08 Aug 2017 14:15:04 -0500

** Changed in: vlc (Ubuntu Trusty)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Launchpad Bug Tracker]

This bug was fixed in the package vlc - 2.2.4-14ubuntu2.2

---
vlc (2.2.4-14ubuntu2.2) zesty-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300

 -- Simon Quigley   Tue, 08 Aug 2017 13:41:33 -0500

** Changed in: vlc (Ubuntu Zesty)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Launchpad Bug Tracker]

This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.4

---
vlc (2.2.2-5ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
(LP: #1709420)
- fix-CVE-2017-9300.patch
- CVE-2017-9300

 -- Simon Quigley   Tue, 08 Aug 2017 13:59:52 -0500

** Changed in: vlc (Ubuntu Xenial)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Marc Deslauriers]

ACK on the debdiffs, I've uploaded them for building as a security
update with a couple of minor changes:

- added upstream commit to patch
- changed unofficial url shortener link to launchpad bug link

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Simon Quigley]

Attached is a debdiff for Trusty applicable to 2.1.6-0ubuntu14.04.3. I
have tested this on a fresh Lubuntu 14.04 LTS install and it works fine.

** Patch added: "1-2.1.6-0ubuntu14.04.4.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930281/+files/1-2.1.6-0ubuntu14.04.4.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change

[Simon Quigley]

Attached is a debdiff for Xenial applicable to 2.2.2-5ubuntu0.16.04.3. I
have tested this on a fresh Lubuntu 16.04 LTS install and it works fine.

** Patch added: "1-2.2.2-5ubuntu0.16.04.4.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930220/+files/1-2.2.2-5ubuntu0.16.04.4.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  [CVE] flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs