[Bug 285922] Re: vlc: buffer overflow in TY demux
Launchpad Bug Tracker
285922 at bugs.launchpad.net
Thu Jul 2 17:11:50 UTC 2009
This bug was fixed in the package vlc - 0.9.4-1ubuntu3.2
---------------
vlc (0.9.4-1ubuntu3.2) intrepid-security; urgency=low

  * SECURITY UPDATE: Arbitrary code execution via stack-based overflow in
    the Ty demux plugin (LP: #285922)
    - debian/patches/901_CVE-2008-4654.patch: don't overflow mst_buf in
      modules/demux/ty.c
    - CVE-2008-4654
  * SECURITY UPDATE: Arbitrary code execution via integer overflows in
    the Ty demux plugin (LP: #285922)
    - debian/patches/902_CVE-2008-4686.patch: make some variables unsigned
      in modules/demux/ty.c so they don't overflow.
    - CVE-2008-4686
  * SECURITY UPDATE: Arbitrary code execution via stack-based buffer
    overflow via invalid RealText subtitle file.
    - debian/patches/903_CVE-2008-5036.patch: limit sscanf sizes in
      modules/demux/subtitle.c
    - CVE-2008-5036
  * SECURITY UPDATE: Arbitrary code execution via heap-based buffer
    overflow via malformed RealMedia file.
    - debian/patches/904_CVE-2008-5276.patch: replace malloc with calloc in
      modules/demux/real.c
    - CVE-2008-5276
  * SECURITY UPDATE: Denial of service via long input argument.
    - debian/patches/905_CVE-2009-1045.patch: make sure we can't overflow
      psz_dup in src/input/input.c
    - CVE-2009-1045

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Sun, 28 Jun 2009 12:13:15 -0400
** Changed in: vlc (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-5036
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-5276
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1045
--
vlc: buffer overflow in TY demux
https://bugs.launchpad.net/bugs/285922