-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: vlc Binary: libvlc-dev, libvlc5, libvlccore-dev, libvlccore5, vlc, vlc-data, vlc-dbg, vlc-nox, vlc-plugin-fluidsynth, vlc-plugin-jack, vlc-plugin-notify, vlc-plugin-pulse, vlc-plugin-sdl, vlc-plugin-svg, vlc-plugin-zvbi Architecture: any all Version: 2.0.3-5+deb7u2 Maintainer: Debian Multimedia Maintainers <[email protected]> Uploaders: Sam Hocevar (Debian packages) <[email protected]>, Clément Stenac <[email protected]>, Loic Minier <[email protected]>, Christophe Mutricy <[email protected]>, Mohammed Adnène Trojette <[email protected]>, Reinhard Tartler <[email protected]>, Benjamin Drung <[email protected]> Homepage: http://www.videolan.org/vlc/ Standards-Version: 3.9.3 Vcs-Browser: http://git.debian.org/?p=pkg-multimedia/vlc.git;a=summary Vcs-Git: git://git.debian.org/git/pkg-multimedia/vlc.git Build-Depends: autopoint, debhelper (>= 8), dh-autoreconf, dh-buildinfo, gettext, liba52-0.7.4-dev, libaa1-dev, libasound2-dev (>= 1.0.16) [linux-any], libass-dev (>= 0.9.8), libavahi-client-dev, libavc1394-dev [linux-any], libavcodec-dev (>= 4:0.6), libavformat-dev (>= 4:0.6), libbluray-dev (>= 1:0.2.1), libcaca-dev (>= 0.99.beta4), libcddb2-dev, libcdio-dev (>= 0.78.2), libcrystalhd-dev [amd64 i386], libdc1394-22-dev (>= 2.1.0) [linux-any], libdca-dev, libdirac-dev, libdirectfb-dev, libdvbpsi-dev | libdvbpsi5-dev, libdvdnav-dev, libdvdread-dev (>= 0.9.5), libfaad-dev, libflac-dev (>= 1.1.2-3), libfluidsynth-dev, libfreetype6-dev, libfribidi-dev, libgl1-mesa-dev, libglib2.0-0, libgnutls-dev (>= 2.0.0), libgtk2.0-dev, libiso9660-dev (>= 0.72), libjack-dev, libkate-dev (>= 0.3.0), liblircclient-dev, liblivemedia-dev (>= 2011.12.23), liblua5.1-0-dev, libmad0-dev, libmatroska-dev (>= 1.0.0), libmodplug-dev (>= 1:0.8.8.1), libmpcdec-dev, libmpeg2-4-dev, libmtp-dev (>= 1.0.0), libncursesw5-dev, libnotify-dev, libogg-dev (>= 1.0), libomxil-bellagio-dev [linux-any], libpng-dev, libpostproc-dev (>= 4:0.6), libproxy-dev, libpulse-dev (>= 0.9.11), libqt4-dev (>= 4:4.6.0), libraw1394-dev (>= 2.0.1) [linux-any], libresid-builder-dev, librsvg2-dev, libsamplerate0-dev, libschroedinger-dev (>= 1.0.10), libsdl-image1.2-dev, libsdl1.2-dev (>= 1.2.10), libshout3-dev, libsidplay2-dev, libsmbclient-dev, libspeex-dev (>= 1.0.5), libspeexdsp-dev (>= 1.0.5), libsvga1-dev [amd64 i386], libswscale-dev (>= 4:0.6), libtag1-dev (>= 1.5), libtar-dev, libtheora-dev (>= 1.0), libtwolame-dev (>= 0.3.8), libudev-dev [linux-any], libupnp-dev, libv4l-dev [kfreebsd-any linux-any], libva-dev [linux-any], libvcdinfo-dev (>= 0.7.22), libvorbis-dev, libx11-dev, libx11-xcb-dev, libx264-dev (>= 2:0.86), libxcb-composite0-dev, libxcb-keysyms1-dev (>= 0.3.4), libxcb-randr0-dev (>= 1.3), libxcb-shm0-dev, libxcb-xv0-dev (>= 1.1.90.1), libxcb1-dev (>= 1.6), libxext-dev, libxinerama-dev, libxml2-dev, libxpm-dev, libxt-dev, libzvbi-dev (>= 0.2.28), lua5.1, pkg-config, zlib1g-dev Package-List: libvlc-dev deb libdevel optional libvlc5 deb libs optional libvlccore-dev deb libdevel optional libvlccore5 deb libs optional vlc deb video optional vlc-data deb video optional vlc-dbg deb debug extra vlc-nox deb video optional vlc-plugin-fluidsynth deb video optional vlc-plugin-jack deb video optional vlc-plugin-notify deb video optional vlc-plugin-pulse deb video optional vlc-plugin-sdl deb video optional vlc-plugin-svg deb video optional vlc-plugin-zvbi deb video optional Checksums-Sha1: 9f161d997eae613bc6431bcb2459e1aefad8d529 18268208 vlc_2.0.3.orig.tar.xz cf4dc7b22684b01222a7a2e14972fa5b9de14c7b 65013 vlc_2.0.3-5+deb7u2.debian.tar.gz Checksums-Sha256: fba9805f7415aebf5b88614de83802dc59d3282ff339128da41addf7e375d2d2 18268208 vlc_2.0.3.orig.tar.xz ca0f806a7e1d9fb3c6547a9373f03322209c69722608d5d2c2e88fadac1744ab 65013 vlc_2.0.3-5+deb7u2.debian.tar.gz Files: a7e79565e3df07dcf9abc6cad3ac26bb 18268208 vlc_2.0.3.orig.tar.xz c7d5dbd08c7fc1efa3434c54458ef277 65013 vlc_2.0.3-5+deb7u2.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUzzkfAAoJEK+lG9bN5XPLG3oP/0ebikShaa+mhBs215MeMsTC wnfaw+I1dn1h1zaVIiFtfI75SwvNVoia7ZMwEoyv1gCiknADMVLB0CYb11R1w8A9 G3QY839SjXrj6dHVmCdp8QuDsyxXkhdubS/yJsErOpR2kzG/9gzGDNPXfjQYD7P3 0EhvH/j1Kf+2aKO4ZXVXoYM2yN2IvsvVZ9uQjRHjiy4hJce2CQrzhRF1Mc/8wG6F cDzaP77pOD3FHNgoWeFRF4hCPVZ0CDXYa6zPwSIuuQQTKQnNX0Jg82uexOa8w9je gVYZGgl3hobLhJOzHSbputLiIAj7mo8I+qA2EYnl3r9htr4I+kE2mqul+B1dFjTE j5jK/mU9LmYxTh3VDuBr0GXkHD2ln7Kl3oiumYWmtBY2UPKeMNcBbSMx99rvCprG G6uzXW4PyZv08URfxZNFxFXtwlmrUDG7h802XIxBXYtwzMCkNgSnLbv8qFzKAtKo a5wlBSdqD47xe5ZaqLh9FvlUaqAGB1vzdSyheVHNXbFnLFncmZr7E5skdP8wtL6i MFp7oa/K1eYK/lkyL3PVWTacLwsxfWKU6brSXUCxJrjjNtOjL7aTHSHbCZsH1s96 ME0e+u9oLHjy8vJf9ZC6lgRh2Nc+QCVYe80YcLkEywQ8Rnhyg8XAnP5VSxOOyIYr jT8iK9FgiU4WUyUpaRUe =9FCd -----END PGP SIGNATURE----- Changes: vlc (2.0.3-5+deb7u2) wheezy-security; urgency=high * Fix multiple vulnerabilities (Closes: #775866): - Fix potential buffer overflow in the Dirac and Schroedinger encoders as per CVE-2014-9629 - Fix buffer overflow when parsing string boxes in the MP4 demuxer as per CVE-2014-9626, CVE-2014-9627, CVE-2014-9628 - Fix possible invalid memory access in the RTP code as per CVE-2014-9630 * Set urgency=high accordingly -- Alessandro Ghedini <[email protected]> Sun, 01 Feb 2015 11:53:45 +0100
