Hi, The vulnerability CVE 2014-3466 in GNUTLS has *not* been fixed in Trusty (at time of writing the current stable release). It's been fixed in libgnutls26, but not in libgnutls28 (which is what VLC actually uses) - see:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1326779 Cheers, Dr Owain Kenway -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1350356 Title: vlc 2.1.5 is released, software upgrade is needed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpng/+bug/1350356/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
