UbuntuUpdates.org

Package "libvlccore8"

Name: libvlccore8

Description:

base library for VLC and its modules

Latest version: 2.2.2-5ubuntu0.16.04.4
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: vlc
Homepage: http://www.videolan.org/vlc/

Links


Download "libvlccore8"


Other versions of "libvlccore8" in Xenial

Repository Area Version
base universe 2.2.2-5
security universe 2.2.2-5ubuntu0.16.04.4

Changelog

Version: 2.2.2-5ubuntu0.16.04.4 2017-08-11 17:06:41 UTC

  vlc (2.2.2-5ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
    (LP: #1709420)
    - fix-CVE-2017-9300.patch
    - CVE-2017-9300

 -- Simon Quigley <email address hidden> Tue, 08 Aug 2017 13:59:52 -0500

Source diff to previous version
1709420 [CVE] flac: Fix heap write overflow on frame format change
CVE-2017-9300 plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and applica

Version: 2.2.2-5ubuntu0.16.04.3 2017-07-11 01:06:50 UTC

  vlc (2.2.2-5ubuntu0.16.04.3) xenial-security; urgency=high

  * SECURITY UPDATE: reject invalid QuickTime IMA files (LP: #1693893)
    - fix-CVE-2016-5108.patch
    - CVE-2016-5108
  * SECURITY UPDATE: Crash due to Out-of-Bound Heap Memory Write
    - fix-CVE-2017-10699.patch
    - CVE-2017-10699
  * SECURITY UPDATE: Fix potential out of bound reads
    - fix-CVE-2017-8310.patch
    - CVE-2017-8310
  * SECURITY UPDATE: Fix invalid double increment
    - fix-CVE-2017-8311.patch
    - CVE-2017-8311
  * SECURITY UPDATE: Fix potential heap buffer overflow
    - fix-CVE-2017-8312.patch
    - CVE-2017-8312
  * SECURITY UPDATE: ParseJSS: fix out-of-bounds read
    - fix-CVE-2017-8313.patch
    - CVE-2017-8313

 -- Simon Quigley <email address hidden> Fri, 07 Jul 2017 06:54:34 -0500

Source diff to previous version
1693893 Fix out-of-bounds read, potential heap buffer overflow, and other CVEs
CVE-2016-5108 Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause
CVE-2017-1069 RESERVED
CVE-2017-8310 Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond al
CVE-2017-8311 Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to
CVE-2017-8312 Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a craft
CVE-2017-8313 Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond alloc

Version: 2.2.2-5ubuntu0.16.04.2 2017-05-10 16:06:50 UTC

  vlc (2.2.2-5ubuntu0.16.04.2) xenial; urgency=medium

  * Don't enable GLESv1 support. (LP: #1676845)

 -- Timo Aaltonen <email address hidden> Tue, 28 Mar 2017 14:23:57 +0300

Source diff to previous version
1676845 libgles1-mesa is being removed, don't depend on it

Version: 2.2.2-5ubuntu0.16.04.1 2017-03-01 23:06:37 UTC

  vlc (2.2.2-5ubuntu0.16.04.1) xenial; urgency=medium

  [ Sebastian Ramacher ]
  * debian/patches: Apply upstream to fix VLSub incorrectly announcing HTTP
    1.1 support. (LP: #1639750)

 -- Brian Murray <email address hidden> Tue, 21 Feb 2017 15:23:51 -0800

1639750 subtitle downloads hang



About   -   Send Feedback to @ubuntu_updates