Summary: | <media-video/vlc-2.1.5: Heap Overflow in VLC Transcode Module | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | aambitny, media-video, proxy-maint |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/03/05/2 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 534532 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-03-05 07:57:24 UTC
Cleanup can be done as part of Bug #534532 New GLSA Request filed. Vulnerable versions of VLC (i.e. VLC < 2.2.x) are no longer in the tree; I recommend that the security team closes this bug. (In reply to Nick Andrade from comment #3) > Vulnerable versions of VLC (i.e. VLC < 2.2.x) are no longer in the tree; I > recommend that the security team closes this bug. Nick, thank you for the recommendation, but at this time we need to follow the Gentoo Vulnerability treatment policy. This bug is in GLSA status, meaning that the security team has to write and release a GLSA about this vulnerability. This issue was resolved and addressed in GLSA 201603-08 at https://security.gentoo.org/glsa/201603-08 by GLSA coordinator Kristian Fiskerstrand (K_F). |