Change logs for vlc source package in Wheezy

  • vlc (2.0.3-5+deb7u2) wheezy-security; urgency=high
    
      * Fix multiple vulnerabilities (Closes: #775866):
        - Fix potential buffer overflow in the Dirac and Schroedinger encoders
          as per CVE-2014-9629
        - Fix buffer overflow when parsing string boxes in the MP4 demuxer
          as per CVE-2014-9626, CVE-2014-9627, CVE-2014-9628
        - Fix possible invalid memory access in the RTP code as per CVE-2014-9630
      * Set urgency=high accordingly
    
     -- Alessandro Ghedini <email address hidden>  Sun, 01 Feb 2015 11:53:45 +0100
  • vlc (2.0.3-5+deb7u1) wheezy-security; urgency=low
    
    
      * CVE-2013-1868 CVE-2013-1954 CVE-2013-4388
    
     -- Moritz Muehlenhoff <email address hidden>  Thu, 02 Jul 2014 18:42:33 +0000
  • vlc (2.0.3-5) testing; urgency=low
    
    
      * vlc-plugin-*: Break vlc-nox (<< 2.0.0) to workaround running an outdated
        vlc-cache-gen. (Closes: #685243)
    
     -- Benjamin Drung <email address hidden>  Mon, 04 Mar 2013 16:15:02 +0100
  • vlc (2.0.3-4) testing; urgency=low
    
    
      * SECURITY UPDATE: denial of service via crafted PNG file (Closes: #692130)
        - CVE-2012-5470
    
     -- Benjamin Drung <email address hidden>  Thu, 06 Dec 2012 21:55:05 +0100
  • vlc (2.0.3-3) unstable; urgency=low
    
    
      * debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
        Thanks to David Prévot <email address hidden> (Closes: #687657)
      * debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
        Thanks to David Prévot for the patch.
      * Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
        LP: #970447)
      * Drop alternative dependency on transitional ttf-freefont.
    
     -- Benjamin Drung <email address hidden>  Thu, 04 Oct 2012 20:59:21 +0200
  • vlc (2.0.3-2) unstable; urgency=low
    
    
      * debian/rules: Use xz compression for binary packages.
        Thanks to Ansgar Burchardt <email address hidden> (Closes: #683836)
      * Add version to vlc-nox dependency of vlc-plugin-sdl (consistent with other
        plug-ins).
    
     -- Benjamin Drung <email address hidden>  Sat, 18 Aug 2012 17:45:01 +0200
  • vlc (2.0.3-1) unstable; urgency=low
    
    
      * New upstream release.
    
     -- Benjamin Drung <email address hidden>  Sat, 21 Jul 2012 17:52:21 +0200
  • vlc (2.0.2-2) unstable; urgency=low
    
    
      * Add missing epoch to libqt4-dev build dependency.
      * Drop libggi2-dev from build dependencies (not needed any more).
        (Closes: #680237)
      * The dependency ttf-freefont was renamed to fonts-freefont-ttf.
    
     -- Benjamin Drung <email address hidden>  Sat, 07 Jul 2012 19:13:07 +0200
  • vlc (2.0.2-1) unstable; urgency=medium
    
    
      [ Edward Wang ]
      * New upstream release (Closes: #679625, #664279, LP: #689122, #936488,
        #942126, #971106, #972615, #973051, #987231, #995003, #998538).
        - Fix Ogg Heap buffer overflow. Thanks to Hugo Beauzée-Luyssen
      * Add the crystalhd plugin to the vlc distribution.
      * libcaca_plugin.so now depends on X11 in this release, so it must
        be installed under vlc (versus vlc-nox).
    
      [ Reinhard Tartler ]
      * Urgency set to medium because a security issue is fixed in this release
    
      [ Benjamin Drung ]
      * Add new plugins to vlc-nox:
        - crystalhd (Linux amd64 and i386 only)
        - directfb
        - fbosd (Linux only)
        - omxil (Linux only)
      * Add build dependencies for new plugins.
      * Add new symbols to libvlccore5.
      * Switch to debhelper 8.
    
     -- Benjamin Drung <email address hidden>  Sat, 30 Jun 2012 18:39:41 +0200
  • vlc (2.0.1-4) unstable; urgency=high
    
    
      * Add missing Breaks and Replaces for moving the documentation from vlc-data
        away from /usr/share/doc/vlc before converting the directory into a symlink.
        (Closes: #665743)
    
     -- Benjamin Drung <email address hidden>  Fri, 30 Mar 2012 01:56:37 +0200
  • vlc (2.0.0-6) unstable; urgency=high
    
    
      * Fix FTBFS on kFreeBSD (Closes: #661819):
        - Drop --as-needed as it breaks the build fix for kFreeBSD.
        - Enable linsys only on Linux and exclude the plugins from non-Linux.
          Thanks to Cyril Brulebois for the patch.
        - Adapt the vlc-cache-gen linking patch from Sam Hocevar to also link
          vlc with the C++ standard library.
      * Set urgency to high for the RC bug fix.
    
     -- Benjamin Drung <email address hidden>  Thu, 01 Mar 2012 22:28:30 +0100
  • vlc (1.1.13-1) unstable; urgency=low
    
    
      * New upstream release (Closes: #604687).
      * Drop backported patches and patches that were accepted by upstream.
      * Refresh remaining patches.
      * Add mailcap entry for Ogg Video (Closes: #651662).
    
     -- Benjamin Drung <email address hidden>  Sat, 31 Dec 2011 13:42:26 +0100
  • vlc (1.1.12-3) unstable; urgency=low
    
    
      [ Didier Raboud ]
      * Install v4l2 modules on kfreebsd-*. (Closes: #648090)
    
      [ Benjamin Drung ]
      * Explicitly enable v4l2 on kfreebsd and build depend on libv4l-dev.
      * Fix build failure with Iceweasel/Firefox 8.0. Thanks to Mathieu
        Trudel-Lapierre for backporting the upstream patch.
    
     -- Benjamin Drung <email address hidden>  Thu, 17 Nov 2011 00:10:53 +0100
  • vlc (1.1.12-2) unstable; urgency=low
    
    
      * Apply patches from upstream's 1.1 maintenance branch.
        - Turn on XVideo color key automatic painting (fix upstream #4643)
        - Set channel map when using PulseAudio 1.0
        - Translation updates
    
     -- Benjamin Drung <email address hidden>  Thu, 13 Oct 2011 20:17:03 +0200
  • vlc (1.1.11-2) unstable; urgency=low
      * Use linux-any instead of hardcoded list of non-Linux architectures.    (Closes: #634726)  * Build and install the libx264 plugin.  * Add firefox-dev as alternative build dependency to xulrunner-dev for Ubuntu.  * Build with "--with-mozilla-pkg=mozilla-plugin" rather than    "--with-mozilla-pkg=libxul". The plugin doesn't appear to be using XPCOM,    and shouldn't be linking against Mozilla libs. Thanks to Chris Coulson. -- Benjamin Drung <email address hidden>  Tue, 26 Jul 2011 20:11:10 +0200
  • vlc (1.1.10-1) unstable; urgency=high
      [ Benjamin Drung ]  * New upstream release.    - Security: Fix XSPF integer overflow (CVE-2011-2194) (LP: #795410)    - Improve .desktop file:      - Add smb as supported protocol (Closes: #622879, LP: #737192)      - add video/webm to supported MIME formats (LP: #769463)    - Fix libdvdread errors while playing ogg files (Closes: #622935)    - Support three channels in pulseaudio output plugin (LP: 743478)    - PulseAudio output re-written due to unstability of the current one      (LP: #743323)    - Fix crashes (LP: #754497, #785979)    - Qt: allow drag and drop of any URL, not just a local file (LP: #664030)    - Fix libvlcplugin.so: undefined symbol: NPP_Initialize (LP: #722690)  * Refresh patches.  * Drop as-needed patch due to autoreconf run.  * Backport PulseAudio build fix.  * Add GNOME MIME types for Ogg Vorbis and Ogg Theora (Closes: #629619).  * Mention potcast support in package description (Closes: #488771).  [ Reinhard Tartler ]  * run autoreconf on the buildds  * Weaken dependencies on libschroedinger -- Benjamin Drung <email address hidden>  Sat, 11 Jun 2011 19:32:24 +0200
  • vlc (1.1.9-1) unstable; urgency=medium
      * New upstream release.    - Fix heap corruption in MP4 demuxer (LP: #756368).    - Fix fullscreen controller has no background in KDE4 (LP: #661020).  * Refresh patches and drop backported VideoLAN-SA-1103.patch.  * Adjust the vlc lintian-overrides for the latest lintian version. -- Benjamin Drung <email address hidden>  Thu, 14 Apr 2011 11:18:57 +0200
  • vlc (1.1.7-3) unstable; urgency=low
      * adjust debian/source/local-options to team guidelines  * Fix building against libmatroska 1.1, Closes: #614088  * Add myself to Uploaders.  * build against libmatroska 1.1.0 -- Reinhard Tartler <email address hidden>  Sun, 06 Mar 2011 11:16:48 +0100
  • vlc (1.1.7-2) unstable; urgency=low
      * Upload to unstable.  * Make vlc compatible with xulrunner 1.9.1. -- Benjamin Drung <email address hidden>  Mon, 07 Feb 2011 23:16:02 +0100
  • vlc (1.1.3-1squeeze2) unstable; urgency=medium
      * Fix heap overflow in CDG decoder - thanks to Dan Rosenberg  * Fix heap corruption in some XML based subtitles decoder - thanks to    Harry Sintonen  * Set urgency to medium -- Christophe Mutricy <email address hidden>  Mon, 24 Jan 2011 22:13:57 +0100