MGASA-2013-0241
- Source
- https://advisories.mageia.org/MGASA-2013-0241.html
- Import Source
- https://advisories.mageia.org/MGASA-2013-0241.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2013-0241
- Related
- Published
- 2013-08-09T17:34:07Z
- Modified
- 2013-08-09T17:33:55Z
- Summary
- Updated vlc package fixes security vulnerability.
- Details
-
2.0.8 Demux: * sgimb: use after free (fixes #8724 https://trac.videolan.org/vlc/ticket/8724 ) * Improve resistance and checking against malformed MKV files (Check element size before reading it. This should avoid integer overflows inside the libebml causing heap buffer overflow. Since new called by the lib is limited to SIZE_MAX bytes.)
Access: * qtsound: fix crash when freeing memory
2.0.7 Input: * Fix memory exhaustion vulnerability when playing specifically crafted playlist files. (stream_ReadLine: correctly return an error on overflow fixes #7361 https://trac.videolan.org/vlc/ticket/7361 )
HTTP Interface: * lua http: Fix two xss vulnerabilities (CVE-2013-3565)
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:3 / vlc
Package
- Name
- vlc
- Purl
- pkg:rpm/mageia/vlc?distro=mageia-3
Mageia:3 / vlc
Package
- Name
- vlc
- Purl
- pkg:rpm/mageia/vlc?distro=mageia-3
Mageia:2 / vlc
Package
- Name
- vlc
- Purl
- pkg:rpm/mageia/vlc?distro=mageia-2
Mageia:2 / vlc
Package
- Name
- vlc
- Purl
- pkg:rpm/mageia/vlc?distro=mageia-2