1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4671-1] vlc security update

    From Moritz Muehlenhoff@1:229/2 to All on Thu Apr 30 22:50:02 2020
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4671-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    April 30, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : vlc
    CVE ID : CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077
    CVE-2020-6078 CVE-2020-6079 CVE-2020-6080

    Multiple security issues were discovered in the microdns plugin of the
    VLC media player, which could result in denial of service or potentially
    the execution of arbitrary code via malicious mDNS packets.

    For the oldstable distribution (stretch), these problems have been fixed
    in version 3.0.10-0+deb9u1. This update disables the microdns plugin.

    For the stable distribution (buster), these problems have been fixed in
    version 3.0.10-0+deb10u1. This update disables the microdns plugin.

    We recommend that you upgrade your vlc packages.

    For the detailed security status of vlc please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/vlc

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6rN7sACgkQEMKTtsN8 TjZAkQ//fhHYmKdfaGWZfJ1vP3Pm2EAOo+vyeZW9u/JkAPACoIuIUwsNaDnYMwI5 45ae4gMLZ0/luRMNkNSML0D+Qipzx1sm+FqkwkbitGO0KYyreagLvMLDZJAGaBTQ 3FeILf13nXV0Rx2Hx9PvvS09LX6DmypCIWWn8DabMs+OOEyeUGiM6JaCY81Ekihe GBLsEpZQELFxbwSLv8GHjmPuV+uwu3JchK60moYwMpJgEo4Y+ngYDvWLX6PfAi6z ost2gYeYbsAznZTHrCz7pPasCVLunWvapnZPyEDjMUcfyh+ieulaadjk0t5wMszO Z8IdVe2JFeQhjZXhubEppUXxTtLWx4kjD+dknsVzu3wa8WPFw8Rad8xUJkYEvxgt E0WZA6xXscKeltDtGDvTfnIDmrSE+wJE2kqTDZwx4b2ZyDwNL0kGCRdCKdBZopHi Re5VXc30byoZj0C/w5KdYN1n8DXZRbNf5hm2atSBMbcIBgrktxOHRuut/+zw4tzp t4LlgqlYcIsjaOWNUaO8hxuX1EAOhQT09X2da7mi6lu51zsUwhOM1BwQ5I5PK5T5 ydPwo434xkhlTEIcctxotM/eKLXExV8ExhPRD4qnGKE6TGfhQS8Fn8sFez5LSYI4 ScKTgN3WvW7eaE0MBxl3Dr+9JlSRaCbc2oDtHbPnFIFULeICFOw=
    =qcxN
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)