Comment 6 for bug 707154

This bug was fixed in the package vlc - 1.0.6-1ubuntu1.4

---------------
vlc (1.0.6-1ubuntu1.4) lucid-security; urgency=low

  * SECURITY UPDATE: heap overflow in CDG decoder (LP: #707154)
    - debian/patches/cdg-heap-overflow.diff: Fix heap overflow in CDG
      decoder, thanks to Dan Rosenberg
  * SECURITY UPDATE: heap corruption in some XML based subtitles decoder
    - debian/patches/xml-heap-corruption.diff: Handle early termination
      properly in StripTags, thanks to Harry Sintonen
 -- Benjamin Drung <email address hidden> Mon, 24 Jan 2011 22:59:31 +0100