libvdpau (1.1-1ubuntu1) wily; urgency=medium
* SECURITY UPDATE: privilege escalation when used in setuid or setgid
applications
- debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
against directory traversal in configure.ac, src/Makefile.am,
src/mesa_dri2.c, src/util.h, src/vdpau_wrapper.c,
trace/vdpau_trace.cpp.
- CVE-2015-5198
- CVE-2015-5199
- CVE-2015-5200
-- Marc Deslauriers <[email protected]> Wed, 02 Sep 2015
08:38:06 -0400
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5198
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5199
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5200
** Changed in: libvdpau (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1490826
Title:
[CVE] NVIDIA's VDPAU Library Exposed To Security Issue
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvdpau/+bug/1490826/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
