Lucene search
SuseOPENSUSE-SU-2016:1651-1HistoryJun 22, 2016 - 2:09 p.m.
Security update for vlc (important)
2016-06-2214:09:48
lists.opensuse.org
16
0.26 Low
EPSS
Percentile
96.2%
This update for vlc to version 2.1.6 fixes the following issues:
These CVE were fixed:
- CVE-2016-5108: Reject invalid QuickTime IMA files (boo#984382).
- CVE-2016-3941: Heap overflow in processing wav files (boo#973354).
These security issues without were fixed:
- Fix heap overflow in decomp stream filter.
- Fix buffer overflow in updater.
- Fix potential buffer overflow in schroedinger encoder.
- Fix null-pointer dereference in DMO decoder.
- Fix buffer overflow in parsing of string boxes in mp4 demuxer.
- Fix SRTP integer overflow.
- Fix potential crash in zip access.
- Fix read overflow in Ogg demuxer.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 13.2 | i586 | vlc-qt | < 2.1.6-2.10.1 | vlc-qt-2.1.6-2.10.1.i586.rpm |
| openSUSE | 13.2 | i586 | vlc-debuginfo | < 2.1.6-2.10.1 | vlc-debuginfo-2.1.6-2.10.1.i586.rpm |
| openSUSE | 13.2 | x86_64 | vlc-qt | < 2.1.6-2.10.1 | vlc-qt-2.1.6-2.10.1.x86_64.rpm |
| openSUSE | 13.2 | i586 | vlc-nox-debuginfo | < 2.1.6-2.10.1 | vlc-noX-debuginfo-2.1.6-2.10.1.i586.rpm |
| openSUSE | 13.2 | x86_64 | vlc-debuginfo | < 2.1.6-2.10.1 | vlc-debuginfo-2.1.6-2.10.1.x86_64.rpm |
| openSUSE | 13.2 | x86_64 | vlc-devel | < 2.1.6-2.10.1 | vlc-devel-2.1.6-2.10.1.x86_64.rpm |
| openSUSE | 13.2 | x86_64 | libvlccore7-debuginfo | < 2.1.6-2.10.1 | libvlccore7-debuginfo-2.1.6-2.10.1.x86_64.rpm |
| openSUSE | 13.2 | x86_64 | vlc-qt-debuginfo | < 2.1.6-2.10.1 | vlc-qt-debuginfo-2.1.6-2.10.1.x86_64.rpm |
| openSUSE | 13.2 | i586 | vlc-gnome | < 2.1.6-2.10.1 | vlc-gnome-2.1.6-2.10.1.i586.rpm |
| openSUSE | 13.2 | i586 | libvlccore7 | < 2.1.6-2.10.1 | libvlccore7-2.1.6-2.10.1.i586.rpm |
Related
nessus
nessus
openSUSE Security Update : vlc (openSUSE-2016-755)
2016-06-23 00:00:00
FreeBSD : VLC -- Possibly remote code execution via crafted file (6d402857-2fba-11e6-9f31-5404a68ad561)
2016-06-14 00:00:00
Debian DSA-3598-1 : vlc - security update
2016-06-09 00:00:00
openvas
openvas
openSUSE: Security Advisory for vlc (openSUSE-SU-2016:1651-1)
2016-06-23 00:00:00
VLC Media Player Denial of Service Vulnerability (Apr 2016) - Windows
2016-04-26 00:00:00
Debian: Security Advisory (DSA-3598-1)
2016-06-06 00:00:00
cvelist
cvelist
CVE-2016-3941
2016-04-18 15:00:00
CVE-2016-5108
2016-06-08 14:00:00
cve
cve
CVE-2016-3941
2016-04-18 15:59:00
CVE-2016-5108
2016-06-08 15:00:00
debiancve
debiancve
CVE-2016-3941
2016-04-18 15:59:00
CVE-2016-5108
2016-06-08 15:00:00
zdt
zdt
VideoLAN VLC Media Player 2.2.1 - DecodeAdpcmImaQT Buffer Overflow Exploit
2017-01-12 00:00:00
prion
prion
Buffer overflow
2016-06-08 15:00:00
Buffer overflow
2016-04-18 15:59:00
gentoo
gentoo
VLC: Buffer overflow
2017-01-17 00:00:00
archlinux
archlinux
vlc: arbitrary code execution
2016-06-25 00:00:00
freebsd
freebsd
VLC -- Possibly remote code execution via crafted file
2016-05-25 00:00:00
ubuntucve
ubuntucve
CVE-2016-5108
2016-06-08 00:00:00
CVE-2016-3941
2016-04-18 00:00:00
kaspersky
kaspersky
debian
debian
[SECURITY] [DSA 3598-1] vlc security update
2016-06-07 20:30:44
mageia
mageia
Updated vlc/mad packages fix security vulnerability
2016-06-10 22:06:07
suse
suse
Security update for vlc (important)
2016-06-22 14:10:14