This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.3
---------------
vlc (2.2.2-5ubuntu0.16.04.3) xenial-security; urgency=high
* SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893)
- fix-CVE-2016-5108.patch
- CVE-2016-5108
* SECURITY UPDATE: Crash due to Out-of-Bound Heap Memory Write
- fix-CVE-2017-10699.patch
- CVE-2017-10699
* SECURITY UPDATE: Fix potential out of bound reads
- fix-CVE-2017-8310.patch
- CVE-2017-8310
* SECURITY UPDATE: Fix invalid double increment
- fix-CVE-2017-8311.patch
- CVE-2017-8311
* SECURITY UPDATE: Fix potential heap buffer overflow
- fix-CVE-2017-8312.patch
- CVE-2017-8312
* SECURITY UPDATE: ParseJSS: fix out-of-bounds read
- fix-CVE-2017-8313.patch
- CVE-2017-8313
-- Simon Quigley <[email protected]> Fri, 07 Jul 2017 06:54:34 -0500
** Changed in: vlc (Ubuntu Xenial)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1693893
Title:
Fix out-of-bounds read, potential heap buffer overflow, and other CVEs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1693893/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
