Security problem with VLC media player (upgrade to version 0.9.8a recommended)

Bug #305100 reported by Bartosz Kosiorek
This bug affects 2 people
Affects: vlc (Ubuntu)
Status: Fix Released
Importance: Medium
Assigned to: Unassigned

Bug Description

Binary package hint: vlc

When parsing the header of an invalid Real Media file, an integer overflow might occur and then trigger a heap-based buffer overflow.

Impact

If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player.

VLC media player 0.9.8a addresses this issue. Patches for older versions are available from the official VLC source code repository 0.9-bugfix branch.

The details of this bug are available at:
http://www.videolan.org/security/sa0811.html

The source code of VLC 0.9.8a is located at:
http://www.videolan.org/vlc/download-sources.html
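The description above is a one-line summary of a recurring bug class: a size computed from an untrusted header field wraps in 32-bit arithmetic, a heap buffer of the wrapped size is allocated, and a later copy overruns it. The following C snippet is an added example, not VLC's code and not the actual Real Media container layout: it uses a constructed record format (a 4-byte big-endian count followed by fixed-size records; `RECORD_SIZE`, `MAX_RECORDS` and all sample inputs are assumptions chosen for the example) to show the wrapped-size computation beside a hardened parser that bounds the count, computes the size in `size_t`, and checks the header's claim against the bytes actually present.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed record layout for this example (NOT the real RealMedia format):
 * a 4-byte big-endian record count, followed by `count` fixed-size records. */
#define RECORD_SIZE 24u
#define MAX_RECORDS 4096u   /* sanity bound chosen for the example */

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* The bug class: a size computed in 32-bit arithmetic from an attacker-
 * controlled count wraps around, so a buffer allocated from it is far
 * smaller than the data a later copy writes into it. This function only
 * computes the (wrapped) size; it allocates nothing. */
uint32_t naive_alloc_size(uint32_t count)
{
    return count * RECORD_SIZE;
}

/* Hardened parser: bound the count before multiplying, derive the size in
 * size_t, and check the header's claim against the bytes actually present.
 * Returns a freshly allocated copy of the records, or NULL on any inconsistency. */
uint8_t *parse_records_checked(const uint8_t *buf, size_t len, uint32_t *out_count)
{
    if (buf == NULL || len < 4)
        return NULL;
    uint32_t count = be32(buf);
    if (count > MAX_RECORDS)                 /* keeps count * RECORD_SIZE far from overflow */
        return NULL;
    size_t need = (size_t)count * RECORD_SIZE;
    if (need > len - 4)                      /* header claims more data than the input holds */
        return NULL;
    uint8_t *records = malloc(need ? need : 1);
    if (records == NULL)
        return NULL;
    memcpy(records, buf + 4, need);
    *out_count = count;
    return records;
}

/* Constructed inputs (not taken from any real file). */

/* Count 0x0AAAAAAB = 178956971: times 24 this is 2^32 + 8, so the naive size wraps to 8 bytes. */
static const uint8_t wrapping_header[] = { 0x0A, 0xAA, 0xAA, 0xAB, 'X', 'Y', 'Z', 'W' };

/* Count 2 followed by exactly 48 bytes of record data (filled in below). */
static uint8_t consistent_input[4 + 2 * RECORD_SIZE];

int checked_rejects_wrapping_count(void)
{
    uint32_t n = 0;
    uint8_t *r = parse_records_checked(wrapping_header, sizeof wrapping_header, &n);
    free(r);
    return r == NULL;
}

int checked_rejects_truncated_input(void)
{
    uint8_t truncated[4 + 10] = { 0x00, 0x00, 0x00, 0x02 }; /* claims 2 records, carries 10 bytes */
    uint32_t n = 0;
    uint8_t *r = parse_records_checked(truncated, sizeof truncated, &n);
    free(r);
    return r == NULL;
}

int checked_accepts_consistent_input(void)
{
    consistent_input[3] = 0x02;
    for (size_t i = 4; i < sizeof consistent_input; i++)
        consistent_input[i] = (uint8_t)i;
    uint32_t n = 0;
    uint8_t *r = parse_records_checked(consistent_input, sizeof consistent_input, &n);
    int ok = r != NULL && n == 2 && r[0] == 4 &&
             r[2 * RECORD_SIZE - 1] == (uint8_t)(sizeof consistent_input - 1);
    free(r);
    return ok;
}

int main(void)
{
    printf("naive size for count 178956971: %u bytes\n", naive_alloc_size(0x0AAAAAABu));
    printf("checked parser rejects wrapping count: %d\n", checked_rejects_wrapping_count());
    printf("checked parser rejects truncated input: %d\n", checked_rejects_truncated_input());
    printf("checked parser accepts consistent input: %d\n", checked_accepts_consistent_input());
    return 0;
}
```

The two checks in `parse_records_checked` are independent: the bound on `count` is what makes the multiplication safe, and the comparison against `len` is what catches a header that is internally consistent but describes more data than was supplied. Dropping either one reopens a path to an undersized allocation or an out-of-bounds read.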


Chris Coulson (chrisccoulson) wrote :

Thank you for your bug report.

Changed in vlc:
importance: Undecided → Medium
status: New → Triaged
Reinhard Tartler (siretart) wrote :

I've just uploaded version 0.9.8a to experimental. Now it needs merging in Ubuntu.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 0.9.8a-1ubuntu1

---------------
vlc (0.9.8a-1ubuntu1) jaunty; urgency=low

  * merge from debian. LP: #300328, #305100, #289263
  * Fixes CVE-2008-5276
  * remaining changes
    - build against libxul-dev instead of iceape-dev
    - build against libdca-dev, libass-dev and libx264-dev
    - build against and install libx264 plugin
    - adjust Vcs-Bzr Headers in debian/control
    - add Xb-Npp header to vlc package
    - debian/patches/301_DVD_media.diff: Change %U to %f
       in VLC .desktop file, cf LP #275043

vlc (0.9.8a-1) experimental; urgency=low

  * New upstream release
    + Fix integer overflow in Real demux (VideoLAN SA-2008-11, CVE-2008-5276)
  * Enable RealRTSP access module
  * Depends on libv4l-dev to add support of some webcam
  * Don't rebootstrap. The packages causing troubles previously have been fixed

 -- Reinhard Tartler <email address hidden> Sun, 07 Dec 2008 23:12:27 +0100

Changed in vlc:
status: Triaged → Fix Released
This report contains Public Security information.
