This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.3
---------------
vlc (2.1.6-0ubuntu14.04.3) trusty-security; urgency=high
* SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893)
- fix-CVE-2016-5108.patch
- CVE-2016-5108
* SECURITY UPDATE: Fix potential out of bound reads
- fix-CVE-2017-8310.patch
- CVE-2017-8310
* SECURITY UPDATE: Fix invalid double increment
- fix-CVE-2017-8311.patch
- CVE-2017-8311
* SECURITY UPDATE: Fix potential heap buffer overflow
- fix-CVE-2017-8312.patch
- CVE-2017-8312
* SECURITY UPDATE: ParseJSS: fix out-of-bounds read
- fix-CVE-2017-8313.patch
- CVE-2017-8313
-- Simon Quigley <[email protected]> Mon, 10 Jul 2017 22:59:26 -0500
** Changed in: vlc (Ubuntu Trusty)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1693893
Title:
Fix out-of-bounds read, potential heap buffer overflow, and other CVEs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1693893/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
