[SCM] vlc/jessie: Merge tag 'debian/2.2.0_rc2-2+deb8u1' into jessie
sramacher at users.alioth.debian.org
sramacher at users.alioth.debian.org
Sun Sep 13 17:32:45 UTC 2015
Import 2.2.0~rc2-2+deb8u1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Git-Refname: refs/heads/jessie
X-Git-Reftype: branch
X-Git-Oldrev: 65e36b13ad9e399eff23370b3a4a4bcfe719a0d8
X-Git-Newrev: ef946a68760f351090746504a4518aca439ec7cc
The following commit has been merged in the jessie branch:
commit ef946a68760f351090746504a4518aca439ec7cc
Merge: 65e36b13ad9e399eff23370b3a4a4bcfe719a0d8 44dd73662cfa2e3056bc5659d210b1769dc6df4c
Author: Sebastian Ramacher <sramacher at debian.org>
Date: Sun Sep 13 19:31:53 2015 +0200
Merge tag 'debian/2.2.0_rc2-2+deb8u1' into jessie
vlc Debian release 2.2.0~rc2-2+deb8u1
diff --combined debian/changelog
index 653be3d,a084c54..79e0742
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,14 -1,13 +1,24 @@@
+vlc (2.2.1-1~deb8u1) UNRELEASED; urgency=medium
+
+ [ Sebastian Ramacher ]
+ * New upstream release.
+ * debian/patches: Remove patches, no longer needed.
+
+ [ Benjamin Drung ]
+ * drop/rules: Drop removed --enable-glx configure flag.
+
+ -- Sebastian Ramacher <sramacher at debian.org> Sat, 25 Apr 2015 23:00:04 +0200
+
+ vlc (2.2.0~rc2-2+deb8u1) jessie-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Add CVE-2015-5949.patch patch.
+ CVE-2015-5949: Insufficient restrictions on a writable buffer in the 3GP
+ file format parser can be exploited to execute arbitrary code via a
+ specially crafted 3GP file.
+
+ -- Salvatore Bonaccorso <carnil at debian.org> Wed, 19 Aug 2015 15:45:17 +0200
+
vlc (2.2.0~rc2-2) unstable; urgency=medium
* debian/patches: Apply upstream patches for security vulnerabilities.
diff --combined debian/patches/series
index 0000000,83ced6d..2fbbdf3
mode 000000,100644..100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -1,0 -1,4 +1,1 @@@
-codec-schroedinger-fix-potential-buffer-overflow.patch
-demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
-stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
+ CVE-2015-5949.patch
--
VLC media player packaging
More information about the pkg-multimedia-commits
mailing list