Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1276650
Title:
please update VLC to version 2.1.3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+
This bug was fixed in the package vlc - 2.1.4-0ubuntu14.04.1
---
vlc (2.1.4-0ubuntu14.04.1) trusty-security; urgency=medium
* New upstream release (Closes: #742625, LP: #1276650)
* SECURITY UPDATE: crafted ASF file handling integer divide-by-zero DoS
- CVE-2014-1684
* debian
I upgraded VLC to the version from the security-proposed PPA. It tested
it with various kinds of videos without problems.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1276650
Title:
please update V
debian/upstream-signing-key.pgp was renamed to debian/upstream/signing-
key.asc. The filename extension was corrected from .gpg to .asc because
the key is armored. The signing key is just for verifying the orig
tarball and has no effect on the binary package. The gbp.conf file is
just the configura
FYI, I don't consider the signing keys a blocker (they are just some
extra files in debian/ and don't otherwise affect the software), and
they are already in the utopic version. I've uploaded this to
https://launchpad.net/~ubuntu-security-proposed/+archive/ppa/+packages.
Once it is done building, p
Thanks! Comparing this to 2.1.2-2build2 I see that gbp.conf was changed
and debian/upstream/signing-key.asc and debian/upstream-signing-key.pgp
are new. I added an entry to the changelog for gbp.conf, but what are
the signing keys? Why are is the .pgp in debian/ but .asc in
debian/upstream?
--
Yo
And here are the signed .dsc file + debian.tar.gz.
** Attachment added: "vlc_2.1.4-0ubuntu14.04.1.dsc"
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1276650/+attachment/4114293/+files/vlc_2.1.4-0ubuntu14.04.1.dsc
** Changed in: vlc (Ubuntu Trusty)
Status: Incomplete => New
--
Yo
** Attachment added: "vlc_2.1.4-0ubuntu14.04.1.debian.tar.gz"
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1276650/+attachment/4114292/+files/vlc_2.1.4-0ubuntu14.04.1.debian.tar.gz
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubun
Here's the debdiff for utopic -> trusty-security.
** Patch added: "vlc_2.1.4-0ubuntu14.04.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1276650/+attachment/4114291/+files/vlc_2.1.4-0ubuntu14.04.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Would it be possible to provide a signed source package or a debdiff on
top of the utopic package for trusty? This is preferred over grabbing a
git snapshot (especially one the size of vlc).
** Changed in: vlc (Ubuntu Trusty)
Status: New => Incomplete
--
You received this bug notification
I have prepared 2.1.4 for trusty-security. You can get the source
package by grabbing the .orig.tar.xz tarball from unstable/utopic (or
from the pristinet-tar branch) and running:
git clone -b trusty git://git.debian.org/git/pkg-multimedia/vlc.git
cd vlc
git-buildpackage -S
The source package bui
** Also affects: vlc (Ubuntu Trusty)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1276650
Title:
please update VLC to version 2.1.3
To manage notificati
This bug was fixed in the package vlc - 2.1.4-1
---
vlc (2.1.4-1) unstable; urgency=medium
* New upstream release (Closes: #742625, LP: #1276650)
* SECURITY UPDATE: crafted ASF file handling integer divide-by-zero DoS
- CVE-2014-1684
(Closes: #743033)
-- Benjamin Drung
** Changed in: vlc (Ubuntu)
Status: New => In Progress
** Changed in: vlc (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1276650
Title:
please up
14 matches
Mail list logo
