Here's a patch for Artful applicable to 2.2.6-2. I have been testing this on my own system for the past hour and it works completely fine.
** Patch added: "1-2.2.6-2ubuntu1.debdiff" https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1693893/+attachment/4912130/+files/1-2.2.6-2ubuntu1.debdiff ** Description changed: This bug is meant to track the following public VLC CVEs and their status in Ubuntu. Here are the affected Ubuntu releases and the CVEs that affect that specific release: - Xenial: - 2016-5108 - 2017-10699 - 2017-8310 - 2017-8311 - 2017-8312 - 2017-8313 - Zesty: + - 2017-10699 + - 2017-8310 + - 2017-8311 + - 2017-8312 + - 2017-8313 + - Already upstreamed: + - 2016-5108 + + - Artful: - 2017-10699 - - 2017-8310 - - 2017-8311 - - 2017-8312 - - 2017-8313 - Already upstreamed: - 2016-5108 + - 2017-8310 + - 2017-8311 + - 2017-8312 + - 2017-8313 ** Description changed: This bug is meant to track the following public VLC CVEs and their status in Ubuntu. Here are the affected Ubuntu releases and the CVEs that affect that specific release: - Xenial: - 2016-5108 - 2017-10699 - 2017-8310 - 2017-8311 - 2017-8312 - 2017-8313 - Zesty: - 2017-10699 - 2017-8310 - 2017-8311 - 2017-8312 - 2017-8313 - - Already upstreamed: + - Already fixed in the package: - 2016-5108 - Artful: - - 2017-10699 - - Already upstreamed: - - 2016-5108 - - 2017-8310 - - 2017-8311 - - 2017-8312 - - 2017-8313 + - 2017-10699 + - Already fixed in the package: + - 2016-5108 + - 2017-8310 + - 2017-8311 + - 2017-8312 + - 2017-8313 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1693893 Title: Fix out-of-bounds read, potential heap buffer overflow, and other CVEs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1693893/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
