[SCM] vlc/jessie: Also mention CVE-2017-9300
sramacher at users.alioth.debian.org
sramacher at users.alioth.debian.org
Sun Nov 19 15:54:58 UTC 2017
The following commit has been merged in the jessie branch:
commit 00b16b7e4e1ee6526abc7aa52a8c932937bb9262
Author: Sebastian Ramacher <sramacher at debian.org>
Date: Sun Nov 19 16:54:52 2017 +0100
Also mention CVE-2017-9300
diff --git a/debian/changelog b/debian/changelog
index 81414d0..2cd2c2e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ vlc (2.2.7-1~deb8u1) jessie; urgency=high
* New upstream release.
- Fix crash in libavcodec module (heap write out-of band). (CVE-2017-10699)
+ - Fix flac heap write overflow on format change. (CVE-2017-9300)
- Fix AVI read/write overflow.
-- Sebastian Ramacher <sramacher at debian.org> Sun, 19 Nov 2017 16:28:34 +0100
--
VLC media player packaging
More information about the pkg-multimedia-commits
mailing list