[Bug 756368] Re: Heap overflow in MP4 demuxer

Launchpad Bug Tracker Thu, 14 Apr 2011 09:16:26 -0700

This bug was fixed in the package vlc - 1.0.6-1ubuntu1.6

---------------
vlc (1.0.6-1ubuntu1.6) lucid-security; urgency=low


  * SECURITY UPDATE: arbitrary code execution via crafted width
    - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
      src/video_output/video_output.c.
    - CVE-2010-3275
    - CVE-2010-3276
  * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
    - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
      modules/demux/mp4/libmp4.c.
    - CVE-2011-1684
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Wed, 13 Apr 2011 23:27:23 
-0400

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/756368

Title:
  Heap overflow in MP4 demuxer

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 756368] Re: Heap overflow in MP4 demuxer

Reply via email to