[SCM] vlc/stretch: Also mention CVE-2017-9300
sramacher at users.alioth.debian.org
sramacher at users.alioth.debian.org
Sun Nov 19 15:54:43 UTC 2017
The following commit has been merged in the stretch branch:
commit f45b0191c03a872b76b28f2eaca262993e306c02
Author: Sebastian Ramacher <sramacher at debian.org>
Date: Sun Nov 19 16:54:38 2017 +0100
Also mention CVE-2017-9300
diff --git a/debian/changelog b/debian/changelog
index 0b9af4f..51149c2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ vlc (2.2.7-1~deb9u1) stretch; urgency=high
* New upstream release.
- Fix crash in libavcodec module (heap write out-of band). (CVE-2017-10699)
+ - Fix flac heap write overflow on format change. (CVE-2017-9300)
- Fix AVI read/write overflow.
* Update ffmpeg to 2.8.13.
* debian/{control,*.maintscript}: Bump versions to ensure proper upgrades
--
VLC media player packaging
More information about the pkg-multimedia-commits
mailing list