Comment 14 for bug 195949

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

vlc (0.8.4.debian-1ubuntu6.2) dapper-security; urgency=low

  * SECURITY UPDATE:
    - debian/patches/CVE-2008-0984.dpatch (LP: #195949)
     + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
       suffers from an arbitrary memory overwrite vulnerability when using
       crash the player instance.

  * References
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
    - http://www.videolan.org/security/sa0802.html

 -- Emanuele Gentili <email address hidden> Wed, 27 Feb 2008 03:09:28 +0100