Ubuntu
vlc package

lp:ubuntu/maverick-security/vlc

Maverick (10.10)
maverick-security

Created by James Westby on 2011-01-06 and last modified on 2011-07-22

Get this branch:: bzr branch lp:ubuntu/maverick-security/vlc

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

88. By Benjamin Drung on 2011-07-18: * SECURITY UPDATE: Heap overflow in RealMedia demuxer (LP: #807486)
  - debian/patches/CVE-2011-2587.patch: real: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2587
  - VideoLAN-SA-1105
* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106
87. By Benjamin Drung on 2011-06-11: * SECURITY UPDATE: Integer overflow in XSPF playlist parser (LP: #795410)
  - debian/patches/fix-xspf-integer-overflow.patch: Fix realloc() integer
    overflow, thanks to Rémi Denis-Courmont
  - CVE-2011-2194
  - VideoLAN-SA-1104
86. By Marc Deslauriers on 2011-04-13: * SECURITY UPDATE: arbitrary code execution via crafted width
  - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
    src/video_output/video_output.c.
  - CVE-2010-3275
  - CVE-2010-3276
* SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
  - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
    modules/demux/mp4/libmp4.c.
  - CVE-2011-1684
85. By Benjamin Drung on 2011-02-09: * SECURITY UPDATE: memory corruption, code execution (LP: #714089)
  - debian/patches/mkv-input-validation.diff: Fix MKV improper input
    validation, thanks to Steve Lhomme
  - CVE-2011-0531
  - VideoLAN-SA-1102
84. By Benjamin Drung on 2011-01-24: * SECURITY UPDATE: heap overflow in CDG decoder (LP: #707154)
  - debian/patches/cdg-heap-overflow.diff: Fix heap overflow in CDG
    decoder, thanks to Dan Rosenberg
* SECURITY UPDATE: heap corruption in some XML based subtitles decoder
  - debian/patches/xml-heap-corruption.diff: Handle early termination
    properly in StripTags, thanks to Harry Sintonen
83. By Benjamin Drung on 2010-12-30: * SECURITY UPDATE: Buffer overflow in Real demuxer (LP: #690173)
  - modules/demux/real.c: Fix heap buffer overflow, thanks to Rémi
    Denis-Courmont
  - CVE-2010-3907
  - VideoLAN-SA-1007
82. By Benjamin Drung on 2010-09-05: * Merge from Debian experimental, remaining changes:
- build and install the libx264 plugin
81. By Benjamin Drung on 2010-08-19: * Merge from Debian experimental, remaining changes:
- build and install the libx264 plugin
80. By Benjamin Drung on 2010-08-05: * Merge from Debian experimental, remaining changes:
  - build and install the libx264 plugin
  - add Xb-Npp header to vlc package
  - Add apport hook to include more vlc dependencies in bug reports
79. By Mario Limonciello on 2010-08-04: No change rebuild.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/natty/vlc

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntuvlc package