Comment 1 for bug 756368

This bug was fixed in the package vlc - 1.1.4-1ubuntu1.5

---------------
vlc (1.1.4-1ubuntu1.5) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted width
    - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
      src/video_output/video_output.c.
    - CVE-2010-3275
    - CVE-2010-3276
  * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
    - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
      modules/demux/mp4/libmp4.c.
    - CVE-2011-1684
 -- Marc Deslauriers <email address hidden> Wed, 13 Apr 2011 23:21:01 -0400