vlc: add upstream security patches fixing CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before
2017-06-29, allows out-of-bounds heap memory write due to calling memcpy()
with a wrong size, leading to a denial of service (application crash) or
possibly code execution.
https://trac.videolan.org/vlc/ticket/18467
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
b9153ed9546ab00eb78c30899a62d3e868a7a778)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>