Bug#633675: vlc-nox: heap overflow in AVI plugin
Remi Denis-Courmont
remi at remlab.net
Tue Jul 12 19:28:42 UTC 2011
Package: vlc-nox
Version: 1.1.10-1+b1
Severity: grave
Tags: security upstream
Justification: user security hole
See upstream advisory for details:
http://www.videolan.org/security/sa1106.html
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (100, 'unstable'), (100, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.39.2-00021-g5f66958 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages vlc-nox depends on:
ii liba52-0.7.4 0.7.4-16 library for decoding ATSC A/52 str
ii libasound2 1.0.23-4 shared library for ALSA applicatio
ii libass4 0.9.12-1 library for SSA/ASS subtitles rend
ii libavahi-client3 0.6.30-5 Avahi client library
ii libavahi-common3 0.6.30-5 Avahi common library
ii libavc1394-0 0.5.3-1+b2 control IEEE 1394 audio/video devi
ii libavcodec52 4:0.6.2-3 Libav codec library
ii libavformat52 4:0.6.2-3 Libav file format library
ii libavutil50 4:0.6.2-3 Libav utility library
ii libc6 2.13-10 Embedded GNU C Library: Shared lib
ii libcaca0 0.99.beta17-2 colour ASCII art library
ii libcddb2 1.3.2-3 library to access CDDB data - runt
ii libcdio10 0.81-4 library to read and control CD-ROM
ii libdbus-1-3 1.4.12-4 simple interprocess messaging syst
ii libdc1394-22 2.1.3-4 high level programming interface f
ii libdca0 0.0.5-4 decoding library for DTS Coherent
ii libdirac-decoder0 1.0.2-4 open and royalty free high quality
ii libdirac-encoder0 1.0.2-4 open and royalty free high quality
ii libdvbpsi7 0.2.0-1 library for MPEG TS and DVB PSI ta
ii libdvdnav4 4.1.3-7 DVD navigation library
ii libdvdread4 4.1.3-10 library for reading DVDs
ii libebml3 1.2.1-1 access library for the EBML format
ii libfaad2 2.7-6 freeware Advanced Audio Decoder -
ii libflac8 1.2.1-3 Free Lossless Audio Codec - runtim
ii libfontconfig1 2.8.0-3 generic font configuration library
ii libfreetype6 2.4.4-2 FreeType 2 font engine, shared lib
ii libfribidi0 0.19.2-1 Free Implementation of the Unicode
ii libgcc1 1:4.6.1-3 GCC support library
ii libgcrypt11 1.4.6-7 LGPL Crypto library - runtime libr
ii libgnutls26 2.10.5-2 the GNU TLS library - runtime libr
ii libgpg-error0 1.10-0.3 library for common error values an
ii libiso9660-7 0.81-4 library to work with ISO9660 files
ii libkate1 0.3.8-1 Kate is a codec for karaoke and te
ii liblircclient0 0.9.0~pre1-1 infra-red remote control support -
ii liblua5.1-0 5.1.4-5 Simple, extensible, embeddable pro
ii libmad0 0.15.1b-6 MPEG audio decoder library
ii libmatroska4 1.2.0-1 extensible open standard audio/vid
ii libmodplug1 1:0.8.8.2-3 shared libraries for mod music bas
ii libmpcdec6 2:0.1~r459-1 MusePack decoder - library
ii libmpeg2-4 0.4.1-3 MPEG1 and MPEG2 video decoder libr
ii libmtp8 1.0.6-7 Media Transfer Protocol (MTP) libr
ii libncursesw5 5.9-1 shared libraries for terminal hand
ii libogg0 1.2.2~dfsg-1 Ogg bitstream library
ii libpng12-0 1.2.44-3 PNG library - runtime
ii libpostproc51 4:0.6.2-3 Libav video postprocessing library
ii libproxy0 0.3.1-2 automatic proxy configuration mana
ii libraw1394-11 2.0.7-1 library for direct access to IEEE
ii libschroedinger-1.0-0 1.0.10-2.1 library for encoding/decoding of D
ii libshout3 2.2.2-5+b1 MP3/Ogg Vorbis broadcast streaming
ii libsmbclient 2:3.5.9~dfsg-1 shared library for communication w
ii libspeex1 1.2~rc1-1 The Speex codec runtime library
ii libstdc++6 4.6.1-3 GNU Standard C++ Library v3
ii libswscale0 4:0.6.2-3 Libav video scaling library
ii libtag1c2a 1.7-1 audio meta-data library
ii libtheora0 1.1.1+dfsg.1-3 The Theora Video Compression Codec
ii libtwolame0 0.3.13-1 MPEG Audio Layer 2 encoding librar
ii libudev0 171-2 libudev shared library
ii libupnp3 1:1.6.6-5.1 Portable SDK for UPnP Devices, ver
ii libusb-0.1-4 2:0.1.12-17 userspace USB programming library
ii libv4l-0 0.8.4-3 Collection of video4linux support
ii libvcdinfo0 0.7.23-4+b2 library to extract information fro
ii libvlc5 1.1.10-1+b1 multimedia player and streamer lib
ii libvlccore4 1.1.10-1+b1 base library for VLC and its modul
ii libvorbis0a 1.3.2-1 The Vorbis General Audio Compressi
ii libvorbisenc2 1.3.2-1 The Vorbis General Audio Compressi
ii libxml2 2.7.8.dfsg-3 GNOME XML library
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
vlc-nox recommends no packages.
vlc-nox suggests no packages.
Versions of packages vlc depends on:
ii libaa1 1.4p5-38+b1 ascii art library
ii libavcodec52 4:0.6.2-3 Libav codec library
ii libavutil50 4:0.6.2-3 Libav utility library
ii libc6 2.13-10 Embedded GNU C Library: Shared lib
ii libfreetype6 2.4.4-2 FreeType 2 font engine, shared lib
ii libfribidi0 0.19.2-1 Free Implementation of the Unicode
ii libgcc1 1:4.6.1-3 GCC support library
ii libgl1-mesa-glx [libgl1 7.10.3-3 free implementation of the OpenGL
ii libice6 2:1.0.7-2 X11 Inter-Client Exchange library
ii libqtcore4 4:4.7.3-5 Qt 4 core module
ii libqtgui4 4:4.7.3-5 Qt 4 GUI module
ii libsdl-image1.2 1.2.10-2.1 image loading library for Simple D
ii libsdl1.2debian 1.2.14-6.4 Simple DirectMedia Layer
ii libsm6 2:1.2.0-2 X11 Session Management library
ii libstdc++6 4.6.1-3 GNU Standard C++ Library v3
ii libtar0 1.2.11-8 C library for manipulating tar arc
ii libva-x11-1 1.0.12-2 Video Acceleration (VA) API for Li
ii libva1 1.0.12-2 Video Acceleration (VA) API for Li
ii libvlccore4 1.1.10-1+b1 base library for VLC and its modul
ii libx11-6 2:1.4.3-2 X11 client-side library
ii libx11-xcb1 2:1.4.3-2 Xlib/XCB interface library
ii libxcb-keysyms1 0.3.8-1 utility libraries for X C Binding
ii libxcb-randr0 1.7-3 X C Binding, randr extension
ii libxcb-shm0 1.7-3 X C Binding, shm extension
ii libxcb-xv0 1.7-3 X C Binding, xv extension
ii libxcb1 1.7-3 X C Binding
ii libxext6 2:1.3.0-3 X11 miscellaneous extension librar
ii libxpm4 1:3.5.9-1 X11 pixmap library
ii ttf-freefont 20100919-1 Freefont Serif, Sans and Mono True
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages vlc recommends:
pn vlc-plugin-notify <none> (no description available)
ii vlc-plugin-pulse 1.1.10-1+b1 PulseAudio plugin for VLC
ii xdg-utils 1.1.0~rc1-2 desktop integration utilities from
Versions of packages vlc suggests:
pn mozilla-plugin-vlc <none> (no description available)
pn videolan-doc <none> (no description available)
Versions of packages libvlc5 depends on:
ii libc6 2.13-10 Embedded GNU C Library: Shared lib
ii libvlccore4 1.1.10-1+b1 base library for VLC and its modul
Versions of packages libvlccore4 depends on:
ii libc6 2.13-10 Embedded GNU C Library: Shared lib
ii libdbus-1-3 1.4.12-4 simple interprocess messaging syst
ii vlc-data 1.1.10-1 Common data for VLC
Versions of packages vlc-nox is related to:
ii libavutil50 4:0.6.2-3 Libav utility library
pn libavutil51 <none> (no description available)
-- no debconf information
More information about the pkg-multimedia-maintainers
mailing list