]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
projects / coffee / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 053496c) | patch
package/vlc: security bump version to 2.2.6
authorBernd Kuhls <bernd.kuhls@t-online.de>
Wed, 24 May 2017 21:13:17 +0000 (23:13 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 3 Jul 2017 14:41:28 +0000 (16:41 +0200)
commit911ed451f3aa4da4cb9b1fc66ee60815edd21c8b
treee4424a11c999be2a39ef484ba074d74dca7210f0tree | snapshot
parent053496c6b366d199f70cff81105a83d3ed9886e3commit | diff
package/vlc: security bump version to 2.2.6

Fixes CVE-2017-8312: Heap out-of-bound read in ParseJSS in VideoLAN VLC due
to missing check of string length allows attackers to read heap
uninitialized data via a crafted subtitles file.

[Peter: add CVE info]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit b2f2f92887df5333772a9d0b75b5c4cb5675dd88)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/vlc/vlc.hash diff | blob | history
package/vlc/vlc.mk diff | blob | history