Mageia alert MGASA-2019-0233 (vlc)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> | |
| To: | updates-announce@ml.mageia.org | |
| Subject: | [updates-announce] MGASA-2019-0233: Updated vlc packages fixes security vulnerabilities | |
| Date: | Sat, 31 Aug 2019 15:23:47 +0200 | |
| Message-ID: | <20190831132347.6C1F59F640@duvel.mageia.org> |
MGASA-2019-0233 - Updated vlc packages fixes security vulnerabilities Publication date: 31 Aug 2019 URL: https://advisories.mageia.org/MGASA-2019-0233.html Type: security Affected Mageia releases: 6, 7 CVE: CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970 Description: Updated vlc packages fixes security vulnerabilities: Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed (CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970). The vlc package has been updated to version 3.0.8, fixing these issues and other bugs. In Mageia 6, the libebml package has been updated to version 1.3.7, which is needed for Matroska support. References: - https://bugs.mageia.org/show_bug.cgi?id=25284 - https://www.videolan.org/security/sb-vlc308.html - https://www.videolan.org/developers/vlc-branch/NEWS - https://www.debian.org/security/2019/dsa-4504 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... SRPMS: - 7/tainted/vlc-3.0.8-1.mga7.tainted - 7/core/vlc-3.0.8-1.mga7 - 6/tainted/vlc-3.0.8-1.mga6.tainted - 6/core/vlc-3.0.8-1.mga6 - 6/core/libebml-1.3.7-1.mga6