Univention Bugzilla – Bug 47294
vlc: Multiple issues (4.3)
Last modified: 2018-07-04 14:54:07 CEST
New Debian vlc 3.0.2-0+deb9u1 fixes: This update addresses the following issue(s): * This update addresses the following issue(s): * * In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation. (CVE-2017-17670) 3.0.2-0+deb9u1 (Thu, 03 May 2018 20:55:01 +0200) * New upstream release following the LTS release branch. - Install vlc_interface.h. - Fix stuttering with ALSA output. - Fix CRC errors in some FLAC files. - Add support for Wayland. - Better support for HLS. - Update VLSub. - Fix issues with green borders. * Remove embedded copy of ffmpeg. * debian/: Adapt to vlc 3.0 packaging: - Drop ffmpeg build dependencies. - Remove unused build dependencies: libcdio-dev, libdirectfb-dev, libgles1-mesa-dev. - Add new build dependencies: bison, flex, libarchive-dev, libharfbuzz-dev, libmicrodns-dev, libmpg123-dev, libnfs-dev, libprotobuf-dev, libqt5svg5-dev, libsecret-1-dev, libsoxr-dev, libsystemd-dev, protobuf-compiler, wayland-protocols. - Drop vlc-plugin-sdl. - Turn vlc-plugin-zvbi into a transitional package. - Update Breaks+Replaces versions. - Remove patches integrated upstream. - Update copyright information. - Add new symbols. - Enable all hardening options. - Update configure flags for 3.0. - Update install files for new and removed plugins.
*** Bug 47297 has been marked as a duplicate of this bug. ***
[4.3-1] 03f15a1f59 Bug #47294: vlc 3.0.2-0+deb9u1 doc/errata/staging/phonon-backend-vlc.yaml | 10 ++++++++++ doc/errata/staging/vlc.yaml | 15 +++++++++++++++ 2 files changed, 25 insertions(+) <http://xen1.knut.univention.de:8000/packages/binary/libmicrodns0/> <http://xen1.knut.univention.de:8000/packages/binary/libnfs8/> [4.3-1] 4b8816b2d0 Bug #47294: vlc 3.0.2-0+deb9u1 doc/errata/staging/libmicrodns.yaml | 12 ++++++++++++ doc/errata/staging/libnfs.yaml | 12 ++++++++++++ 2 files changed, 24 insertions(+) <http://10.200.17.11/4.3-1/#2121822967236107910>
<http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-1/job/ErrataValidation/233/console> OK: Jenkins <http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-1/job/AutotestJoin/lastCompletedBuild/testReport/>
<http://errata.software-univention.de/ucs/4.3/142.html> <http://errata.software-univention.de/ucs/4.3/143.html> <http://errata.software-univention.de/ucs/4.3/144.html> <http://errata.software-univention.de/ucs/4.3/145.html>