GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Mar 12, 2016 1:26 pm Post subject: [ glsa 201603-08 ] vlc |
|
|
Gentoo Linux Security Advisory
Title: VLC: Multiple vulnerabilities (GLSA 201603-08)
Severity: normal
Exploitable: remote
Date: March 12, 2016
Bug(s): #534532, #537154, #542222, #558418
ID: 201603-08
Synopsis
Multiple vulnerabilities have been found in VLC allowing remote
attackers to execute arbitrary code or cause Denial of Service.
Background
VLC is a cross-platform media player and streaming server.
Affected Packages
Package: media-video/vlc
Vulnerable: < 2.2.1-r1
Unaffected: >= 2.2.1-r1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in VLC. Please review the
CVE identifiers referenced below for details.
Impact
Remote attackers could possibly execute arbitrary code or cause Denial
of Service.
Workaround
There is no known work around at this time.
Resolution
All VLC users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/vlc-2.2.1-r1"
|
References
CVE-2014-1684
CVE-2014-6440
CVE-2014-9597
CVE-2014-9598
CVE-2014-9625
CVE-2014-9626
CVE-2014-9627
CVE-2014-9628
CVE-2014-9629
CVE-2014-9630
CVE-2015-1202
CVE-2015-1203
CVE-2015-5949
CVE-2015-5949
|
|