-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 05 Jun 2016 17:39:38 +0200 Source: vlc Binary: libvlc-dev libvlc5 libvlccore-dev libvlccore8 vlc vlc-data vlc-dbg vlc-nox vlc-plugin-fluidsynth vlc-plugin-jack vlc-plugin-notify vlc-plugin-sdl vlc-plugin-svg vlc-plugin-zvbi vlc-plugin-samba vlc-plugin-pulse Architecture: source amd64 all Version: 2.2.4-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Sebastian Ramacher <sramacher@debian.org> Description: libvlc-dev - development files for libvlc libvlc5 - multimedia player and streamer library libvlccore-dev - development files for libvlccore libvlccore8 - base library for VLC and its modules vlc - multimedia player and streamer vlc-data - Common data for VLC vlc-dbg - debugging symbols for vlc vlc-nox - multimedia player and streamer (without X support) vlc-plugin-fluidsynth - FluidSynth plugin for VLC vlc-plugin-jack - Jack audio plugins for VLC vlc-plugin-notify - LibNotify plugin for VLC vlc-plugin-pulse - transitional dummy package for vlc vlc-plugin-samba - Samba plugin for VLC vlc-plugin-sdl - SDL video and audio output plugin for VLC vlc-plugin-svg - SVG plugin for VLC vlc-plugin-zvbi - VBI teletext plugin for VLC Closes: 782229 784640 801448 825728 Changes: vlc (2.2.4-1~deb8u1) jessie-security; urgency=medium . * New upstream release. - quicktime: Reject invalid IMA files (CVE-2016-5108). (Closes: #825728) - pulse: Compute latency correctly if negative, fixing missing audio on high network latency. (Closes: #784640) - alsa: Fix audio device selection. (Closes: #801448) - hls: Fix hang on stop, crashes and stack overflow. - mkv: Fix infinite loop. - vpx: Fix crash. - mxf: Fix crash on stop. - adpcm: Fix double-free. - zvbi: Fix crash. - skins2: Fix crash on malformed skin bitmaps. - swscale: Fix crashes in swscale resizing. - mp4: Fix divide-by-zero crash in mux. - rtsp: Fix off-by-one buffer overflow. - mms: Fix segmentation fault on large allocation, fix overflows. - lua: Fix use-after-free. - httplive: Fix stack overflow. - avformat: Fix heap overflow, NULL dereference and double-free. - avcodec: Fix invalid free. - sdp: Fix read overflow. - vcd: Fix double-free. - aout: Fix use-after-free. - vout: Fix use-after-free. - realrtsp: Fix off-by-one and various crashes. - Fix various memory leaks. - Fix links to French TV icons. (Closes: #782229) * debian/patches/CVE-2015-5949.patch: Removed, included upstream. * debian/copyright: Update copyright years. * debian/libvlc5.symbols: Bump version of libvlc_event_type_name for new event names. Checksums-Sha1: c2a81d5d348d669f13e932aa5a3e6918d327cc46 5410 vlc_2.2.4-1~deb8u1.dsc ec171b0ad731d9d114540cd7b7fcb41fc3293696 22199316 vlc_2.2.4.orig.tar.xz c1e6fc378de4a1a1c94a1f7151b793db372143b4 58632 vlc_2.2.4-1~deb8u1.debian.tar.xz 2486365752fdb43c444fd5def34df88b9565dc9b 26644 libvlc-dev_2.2.4-1~deb8u1_amd64.deb 2af205752e0ea50ff1c417c4dce0c7332499c61d 47300 libvlc5_2.2.4-1~deb8u1_amd64.deb 8669be164371ad110f8e8dc2d3509430fad96e85 117672 libvlccore-dev_2.2.4-1~deb8u1_amd64.deb 9ab04d9c8201c9184994dfc2ba170189642ddd85 391538 libvlccore8_2.2.4-1~deb8u1_amd64.deb 102b6c511b324760521202791206a9a977c4df3d 1501062 vlc_2.2.4-1~deb8u1_amd64.deb d70a3bf2ae1084c0e2bd026dfd2f17840467ffd2 5991856 vlc-data_2.2.4-1~deb8u1_all.deb 0c7279a150a26913d8b27f8e0609b8f0eee05bd0 24359486 vlc-dbg_2.2.4-1~deb8u1_amd64.deb 010e66330cf606a7ca4533a501120d5ce3e4e87f 2530574 vlc-nox_2.2.4-1~deb8u1_amd64.deb 4f48c248dd641c7588433779e50aab36afccde7c 5652 vlc-plugin-fluidsynth_2.2.4-1~deb8u1_amd64.deb 3f1f7c4a2d225282a70e85a409a48f2e6ee6e90e 10928 vlc-plugin-jack_2.2.4-1~deb8u1_amd64.deb 9a79dd984d72fc96e4301533bd4375c310887b7f 5406 vlc-plugin-notify_2.2.4-1~deb8u1_amd64.deb 3c313c1dc8a8c74fa4661f35c270eeb6939035eb 8076 vlc-plugin-sdl_2.2.4-1~deb8u1_amd64.deb 30db842f64f1fde84d5386a244da613742141df6 5988 vlc-plugin-svg_2.2.4-1~deb8u1_amd64.deb ad38c05421d2263761d5e55f3b9f4933ff81ae70 11090 vlc-plugin-zvbi_2.2.4-1~deb8u1_amd64.deb d3c8caf201f2840e69d286bb54d4d486b350d786 4914 vlc-plugin-samba_2.2.4-1~deb8u1_amd64.deb f68009b1d049c8a9279bda1500e16e2c61a3619c 918 vlc-plugin-pulse_2.2.4-1~deb8u1_all.deb Checksums-Sha256: 68b37d784776558d7922e624c70ce56bd018474b07fd43bf623b6a0c0410a431 5410 vlc_2.2.4-1~deb8u1.dsc 1632e91d2a0087e0ef4c3fb4c95c3c2890f7715a9d1d43ffd46329f428cf53be 22199316 vlc_2.2.4.orig.tar.xz 154406a165cc67dc6a309eaf427d9708d3da3e45610ff587026b6d8d22d40ed3 58632 vlc_2.2.4-1~deb8u1.debian.tar.xz 0cd530cb3adb66bae0eda9690fb3441740768f8d007dd4d4b0e45af7284f3ddc 26644 libvlc-dev_2.2.4-1~deb8u1_amd64.deb d4415c1e7d600bb45c3f9f42844a3f528ebfac8b0af06d0f646c3d39476d5c60 47300 libvlc5_2.2.4-1~deb8u1_amd64.deb d793b7bbf2fbcefd8f6dead75589cd1ae9cdd1153961071fa08056105bdd7e80 117672 libvlccore-dev_2.2.4-1~deb8u1_amd64.deb 73cdda1f551662662d2b1fc65ecfae53007b0da0663ceabad70fce64c49f3f1c 391538 libvlccore8_2.2.4-1~deb8u1_amd64.deb 8cfed56989b30bb65dcbe758eaa58b5f4d5b546e38a2068e042b526f1220541d 1501062 vlc_2.2.4-1~deb8u1_amd64.deb ea1f614cf4fa80e722db8b2272dd50bfd3759db66fde33058d1b58a0d247240d 5991856 vlc-data_2.2.4-1~deb8u1_all.deb 57b7f3d10b83a23e7bb46064a4205fb6e8bbedc0d557421a7fd1972521da68db 24359486 vlc-dbg_2.2.4-1~deb8u1_amd64.deb 56b0a9a2e3009515f1654a7fc960e528cbb78c054260c12addbd613fd13b9af9 2530574 vlc-nox_2.2.4-1~deb8u1_amd64.deb 80321147e3a93bf545d9a609f430b98b080269ddf29f8349224a85eba7433d76 5652 vlc-plugin-fluidsynth_2.2.4-1~deb8u1_amd64.deb 910e5e09a0b2d620485ae58e70d86e76f3d94e366c3a2bbb7ba9548e41de9f4c 10928 vlc-plugin-jack_2.2.4-1~deb8u1_amd64.deb c9898dc5568e802d06d85bfd7ede4736339d8397b15dead71718bcee41f8777b 5406 vlc-plugin-notify_2.2.4-1~deb8u1_amd64.deb 831a012feb3390609adf556f13cd78d75d8e71763bb4d9243dedd44d0cd4df22 8076 vlc-plugin-sdl_2.2.4-1~deb8u1_amd64.deb 37eb8608930c0b0ed14f3dae0eace7b462418af755100ca0f852f1d7a67391f6 5988 vlc-plugin-svg_2.2.4-1~deb8u1_amd64.deb 38f1944479c56b60e87a760983a9116b6fef583dee238cd4bede45ccc06a4a63 11090 vlc-plugin-zvbi_2.2.4-1~deb8u1_amd64.deb b5ee8e6ce45bdfbc32f329ee046b66e3a781f596884f87452ab6c0664eeadfd3 4914 vlc-plugin-samba_2.2.4-1~deb8u1_amd64.deb 62615edf2cd299a2bd689a30466a73ac33275658ff546848af56797b5c57e6f9 918 vlc-plugin-pulse_2.2.4-1~deb8u1_all.deb Files: 3d4b9dd278afbe31d9e62cb8993b0f5b 5410 video optional vlc_2.2.4-1~deb8u1.dsc 55666c9898f658c7fcca12725bf7dd1b 22199316 video optional vlc_2.2.4.orig.tar.xz 87c6a121ba5861876f9cf77c071799f3 58632 video optional vlc_2.2.4-1~deb8u1.debian.tar.xz e63eac6a3055a19ea349246f719c9a98 26644 libdevel optional libvlc-dev_2.2.4-1~deb8u1_amd64.deb 1c80236409bb8f1d0462f8e6568b77f1 47300 libs optional libvlc5_2.2.4-1~deb8u1_amd64.deb bbca40814ec4cda7a72c3820d4f42bf7 117672 libdevel optional libvlccore-dev_2.2.4-1~deb8u1_amd64.deb 9877dba4ea9cd5d2a0274b70cdc97906 391538 libs optional libvlccore8_2.2.4-1~deb8u1_amd64.deb 31ff984b8dacd1dfc0b4307c3267068d 1501062 video optional vlc_2.2.4-1~deb8u1_amd64.deb 57087dd6bd9e986dd4c18b0709902ae0 5991856 video optional vlc-data_2.2.4-1~deb8u1_all.deb 3854391d78bc430789b4c45c1a4232bd 24359486 debug extra vlc-dbg_2.2.4-1~deb8u1_amd64.deb 6ff7bbf6ddf118553752233e30e09107 2530574 video optional vlc-nox_2.2.4-1~deb8u1_amd64.deb c5563b9e3473af838c52258504521965 5652 video optional vlc-plugin-fluidsynth_2.2.4-1~deb8u1_amd64.deb 9a9c6d699833d52072c7e7fa9f092d78 10928 video optional vlc-plugin-jack_2.2.4-1~deb8u1_amd64.deb fec0ba619d269d52af5c5e7ec68b2745 5406 video optional vlc-plugin-notify_2.2.4-1~deb8u1_amd64.deb e5817abab3be7f1a7c21085159732a1d 8076 video optional vlc-plugin-sdl_2.2.4-1~deb8u1_amd64.deb d6c90af8c4d538ae5a4d7b9118f3376e 5988 video optional vlc-plugin-svg_2.2.4-1~deb8u1_amd64.deb ac042e8d1d17bde53a3631f0694a75f6 11090 video optional vlc-plugin-zvbi_2.2.4-1~deb8u1_amd64.deb cca09fe449945530a4ba990133d7ff1f 4914 video optional vlc-plugin-samba_2.2.4-1~deb8u1_amd64.deb 5812aeb9ae30d6f1e4f14c3d1023b26a 918 video optional vlc-plugin-pulse_2.2.4-1~deb8u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXVJ21AAoJEGny/FFupxmTVLYP/iQ+vX89YpDz75BRjW83JcWf Oi8ZBxK/IjGiNWTmwbCHAnK6eAdzTd0iCgKCLhsivTvv08HKngHZiXUmYD+/5dFd fA1fHuKWigV2thuSSjPpGTgfI4YMgeTUHtLfvrvspgDMcu6nMFZwvGoDezuIDZjv NMUJoCNW9lrd2rBC1YiIj6QWoif9YU2TjwbrwSMdUfRCjeiG95GVcX52Et2HAiB2 kb/G5WfIJsXs+t10LAgKI4G38sN2YqiE4b9thpO1AALa1ooZ+y4jhrRwl3a8lsXf KL0m4qeuwSOlHVaHVrOb9Sv38hU5VDagAFkQ7x3Z2xLefkPVSVi7lgiGPwOTca7z OlUIZT66a3eDveEKKDyvfjkZjXvpF805sJMHVXxaYK9R063sFw1unlItH52qDpTT CFRWjsMLZVyyNI5BxUx6ShbW87/hGhtaZLPK0pIWcKffvx/PHd5x3T4k+WslQZ8m QecbtIl2yPhTKiqvwYkoDWJuHkwBGCBtbt2+dbSNdtbfZ1rc4UfEo4ShkwnVoeM5 ikD/8cw9ikbbyJSjDcPxALIS6hlh4jBOgcteaA6GCGqMYH2ZwLxrDCiLD49b5sAT D/odjUi0LrFbhUu4bJ/pcSlvHp+ETADRotXR4YS736deoqogrwAPgydbhYgg1vN5 9cmkMdNNb6syPXBZRutG =EK9A -----END PGP SIGNATURE-----