This bug was fixed in the package vlc - 0.8.6.release.d-0ubuntu4
---------------
vlc (0.8.6.release.d-0ubuntu4) hardy; urgency=low
[ Emanuele Gentili ]
* SECURITY UPDATE:
- debian/patches/021_CVE-2008-0984.diff (LP: #195949)
+ VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
suffers
from an arbitrary memory overwrite vulnerability when using crash the
player
instance.
* References
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0984
- http://www.videolan.org/security/sa0802.html
[ Mario Limonciello ]
* debian/control:
- Build debian on libxul-dev instead of firefox-dev
* debian/rules:
- Use xulrunner-config rather than firefox-config (LP: #194907)
-- Emanuele Gentili <[EMAIL PROTECTED]> Wed, 27 Feb 2008
00:33:06 +0100
** Changed in: vlc (Ubuntu)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0984
--
Package broken for firefox3
https://bugs.launchpad.net/bugs/194907
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
