[SCM] vlc/jessie: Merge tag 'debian/2.2.0_rc2-2+deb8u1' into jessie

sramacher at users.alioth.debian.org sramacher at users.alioth.debian.org
Sun Sep 13 17:32:45 UTC 2015


Import 2.2.0~rc2-2+deb8u1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Git-Refname: refs/heads/jessie
X-Git-Reftype: branch
X-Git-Oldrev: 65e36b13ad9e399eff23370b3a4a4bcfe719a0d8
X-Git-Newrev: ef946a68760f351090746504a4518aca439ec7cc

The following commit has been merged in the jessie branch:
commit ef946a68760f351090746504a4518aca439ec7cc
Merge: 65e36b13ad9e399eff23370b3a4a4bcfe719a0d8 44dd73662cfa2e3056bc5659d210b1769dc6df4c
Author: Sebastian Ramacher <sramacher at debian.org>
Date:   Sun Sep 13 19:31:53 2015 +0200

    Merge tag 'debian/2.2.0_rc2-2+deb8u1' into jessie
    
    vlc Debian release 2.2.0~rc2-2+deb8u1

diff --combined debian/changelog
index 653be3d,a084c54..79e0742
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,14 -1,13 +1,24 @@@
 +vlc (2.2.1-1~deb8u1) UNRELEASED; urgency=medium
 +
 +  [ Sebastian Ramacher ]
 +  * New upstream release.
 +  * debian/patches: Remove patches, no longer needed.
 +
 +  [ Benjamin Drung ]
 +  * drop/rules: Drop removed --enable-glx configure flag.
 +
 + -- Sebastian Ramacher <sramacher at debian.org>  Sat, 25 Apr 2015 23:00:04 +0200
 +
+ vlc (2.2.0~rc2-2+deb8u1) jessie-security; urgency=high
+ 
+   * Non-maintainer upload by the Security Team.
+   * Add CVE-2015-5949.patch patch.
+     CVE-2015-5949: Insufficient restrictions on a writable buffer in the 3GP
+     file format parser can be exploited to execute arbitrary code via a
+     specially crafted 3GP file.
+ 
+  -- Salvatore Bonaccorso <carnil at debian.org>  Wed, 19 Aug 2015 15:45:17 +0200
+ 
  vlc (2.2.0~rc2-2) unstable; urgency=medium
  
    * debian/patches: Apply upstream patches for security vulnerabilities.
diff --combined debian/patches/series
index 0000000,83ced6d..2fbbdf3
mode 000000,100644..100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -1,0 -1,4 +1,1 @@@
 -codec-schroedinger-fix-potential-buffer-overflow.patch
 -demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
 -stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
+ CVE-2015-5949.patch

-- 
VLC media player packaging



More information about the pkg-multimedia-commits mailing list