-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 28 Mar 2008 13:51:48 +0100 Source: vlc Binary: vlc vlc-nox libvlc0 libvlc0-dev vlc-plugin-esd vlc-plugin-alsa vlc-plugin-sdl vlc-plugin-ggi vlc-plugin-glide vlc-plugin-arts mozilla-plugin-vlc vlc-plugin-svgalib wxvlc vlc-plugin-jack Architecture: source all amd64 Version: 0.8.6.c-6+lenny3 Distribution: testing-security Urgency: high Maintainer: Debian multimedia packages maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Nico Golde <nion@debian.org> Description: libvlc0 - multimedia player and streamer library libvlc0-dev - development files for VLC mozilla-plugin-vlc - multimedia plugin for web browsers based on VLC vlc - multimedia player and streamer vlc-nox - multimedia player and streamer (without X support) vlc-plugin-alsa - dummy transitional package vlc-plugin-arts - aRts audio output plugin for VLC vlc-plugin-esd - Esound audio output plugin for VLC vlc-plugin-ggi - GGI video output plugin for VLC vlc-plugin-jack - Jack audio plugins for VLC vlc-plugin-sdl - SDL video and audio output plugin for VLC vlc-plugin-svgalib - SVGAlib video output plugin for VLC wxvlc - dummy transitional package Closes: 472635 473057 Changes: vlc (0.8.6.c-6+lenny3) testing-security; urgency=high . * Non-maintainer upload by the Security Team. * This update addresses the following security issues: - CVE-2008-1489: an integer overflow in the MP4_ReadBox_rdrf function that can be triggered via crafted atom size values could possibly lead to arbitrary code execution (Closes: #472635). - CVE-2008-0073: possible code execution via a crafted rtsp stream with a large streamid SDP parameter (Closes: #473057). Files: a154adf5e340c056d48f690aea8d2aac 2713 graphics optional vlc_0.8.6.c-6+lenny3.dsc 80193f533ef47d30463d3dfb2f79d491 39426 graphics optional vlc_0.8.6.c-6+lenny3.diff.gz 68f059b691db7422cd3b0aef65594b9d 804 graphics optional vlc-plugin-alsa_0.8.6.c-6+lenny3_all.deb 237c2429244caeff612ed430d9977ba3 798 graphics optional wxvlc_0.8.6.c-6+lenny3_all.deb 31aa2f01b3d7702476b432a5c33775bf 1159496 graphics optional vlc_0.8.6.c-6+lenny3_amd64.deb 01b7c4316e0c923e4ff0c0764efa0e48 4719008 net optional vlc-nox_0.8.6.c-6+lenny3_amd64.deb b633eb8ee19a3aefb4b7efa577de87ed 473634 libs optional libvlc0_0.8.6.c-6+lenny3_amd64.deb c7555dec2c1d9f32789a11622a367a8e 539922 libdevel optional libvlc0-dev_0.8.6.c-6+lenny3_amd64.deb 8e5eca4e237d7489976784d791c8edc5 4544 graphics optional vlc-plugin-esd_0.8.6.c-6+lenny3_amd64.deb 8c68f3ad13e185f37d6a5fafbadac038 11656 graphics optional vlc-plugin-sdl_0.8.6.c-6+lenny3_amd64.deb 9f2cc3af1b9a375bbaa615ead68b568d 6222 graphics optional vlc-plugin-ggi_0.8.6.c-6+lenny3_amd64.deb a10c33e116f82037b4b9a4d577fdac51 4192 graphics optional vlc-plugin-arts_0.8.6.c-6+lenny3_amd64.deb 81a6fe49b87cf4934e84d4365813bb70 38152 graphics optional mozilla-plugin-vlc_0.8.6.c-6+lenny3_amd64.deb 5d9f64f2d20bee2eadb9f492e34c2469 4812 graphics optional vlc-plugin-svgalib_0.8.6.c-6+lenny3_amd64.deb 60926a4e3dc3c4b0878396df1923bfa2 4882 graphics optional vlc-plugin-jack_0.8.6.c-6+lenny3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH74mSHYflSXNkfP8RAiYqAJ9aluODB9pwQ+jsGpMit2a6javNQgCgtioc YB4CoZ1NOadL79cYo79d+oY= =HB2M -----END PGP SIGNATURE----- Accepted: libvlc0-dev_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/libvlc0-dev_0.8.6.c-6+lenny3_amd64.deb libvlc0_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/libvlc0_0.8.6.c-6+lenny3_amd64.deb mozilla-plugin-vlc_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/mozilla-plugin-vlc_0.8.6.c-6+lenny3_amd64.deb vlc-nox_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-nox_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-alsa_0.8.6.c-6+lenny3_all.deb to pool/main/v/vlc/vlc-plugin-alsa_0.8.6.c-6+lenny3_all.deb vlc-plugin-arts_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-arts_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-esd_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-esd_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-ggi_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-ggi_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-jack_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-jack_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-sdl_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-sdl_0.8.6.c-6+lenny3_amd64.deb vlc-plugin-svgalib_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc-plugin-svgalib_0.8.6.c-6+lenny3_amd64.deb vlc_0.8.6.c-6+lenny3.diff.gz to pool/main/v/vlc/vlc_0.8.6.c-6+lenny3.diff.gz vlc_0.8.6.c-6+lenny3.dsc to pool/main/v/vlc/vlc_0.8.6.c-6+lenny3.dsc vlc_0.8.6.c-6+lenny3_amd64.deb to pool/main/v/vlc/vlc_0.8.6.c-6+lenny3_amd64.deb wxvlc_0.8.6.c-6+lenny3_all.deb to pool/main/v/vlc/wxvlc_0.8.6.c-6+lenny3_all.deb
