Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Update
patchinfo.5220
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5220
<patchinfo incident="5220"> <issue id="984382" tracker="bnc">VUL-0: vlc: Buffer Overflow in Processing QuickTime IMA Files (VideoLAN-SA-1601)</issue> <issue id="952051" tracker="bnc">VUL-1: CVE-2015-7981: libpng,libpng12,libpng15,libpng12-0,libpng16: out-of-bound read</issue> <issue id="954980" tracker="bnc">VUL-0: CVE-2015-8126: libpng,libpng12,libpng15,libpng16: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions</issue> <issue id="2015-7981" tracker="cve" /> <issue id="2015-8126" tracker="cve" /> <issue id="2016-1514" tracker="cve" /> <issue id="2016-1515" tracker="cve" /> <issue id="2016-5108" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>dimstar</packager> <description>This update for vlc to 2.2.4 to fix the following security issue: - CVE-2016-5108: Fix out-of-bound write in adpcm QT IMA codec (boo#984382). This also include an update of codecs and libraries to fix these 3rd party security issues: - CVE-2016-1514: Matroska libebml EbmlUnicodeString Heap Information Leak - CVE-2016-1515: Matroska libebml Multiple ElementList Double Free Vulnerabilities - CVE-2015-7981: The png_convert_to_rfc1123 function in png.c in libpng allowed remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read (bsc#952051). - CVE-2015-8126: Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image (bsc#954980). </description> <summary>Security update for vlc</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor