[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.4 --- vlc (2.1.6-0ubuntu14.04.4) trusty-security; urgency=medium * SECURITY UPDATE: flac: Fix heap write overflow on frame format change (LP: #1709420) - fix-CVE-2017-9300.patch - CVE-2017-9300 -- Simon QuigleyTue, 08 Aug 2017 14:15:04 -0500 ** Changed in: vlc (Ubuntu Trusty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
This bug was fixed in the package vlc - 2.2.4-14ubuntu2.2 --- vlc (2.2.4-14ubuntu2.2) zesty-security; urgency=medium * SECURITY UPDATE: flac: Fix heap write overflow on frame format change (LP: #1709420) - fix-CVE-2017-9300.patch - CVE-2017-9300 -- Simon QuigleyTue, 08 Aug 2017 13:41:33 -0500 ** Changed in: vlc (Ubuntu Zesty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.4 --- vlc (2.2.2-5ubuntu0.16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: flac: Fix heap write overflow on frame format change (LP: #1709420) - fix-CVE-2017-9300.patch - CVE-2017-9300 -- Simon QuigleyTue, 08 Aug 2017 13:59:52 -0500 ** Changed in: vlc (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
ACK on the debdiffs, I've uploaded them for building as a security update with a couple of minor changes: - added upstream commit to patch - changed unofficial url shortener link to launchpad bug link Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
Attached is a debdiff for Trusty applicable to 2.1.6-0ubuntu14.04.3. I have tested this on a fresh Lubuntu 14.04 LTS install and it works fine. ** Patch added: "1-2.1.6-0ubuntu14.04.4.debdiff" https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930281/+files/1-2.1.6-0ubuntu14.04.4.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1709420] Re: [CVE] flac: Fix heap write overflow on frame format change
Attached is a debdiff for Xenial applicable to 2.2.2-5ubuntu0.16.04.3. I have tested this on a fresh Lubuntu 16.04 LTS install and it works fine. ** Patch added: "1-2.2.2-5ubuntu0.16.04.4.debdiff" https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+attachment/4930220/+files/1-2.2.2-5ubuntu0.16.04.4.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709420 Title: [CVE] flac: Fix heap write overflow on frame format change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs