[Buildroot] [PATCH 1/1] package/vlc: security bump to version 3.0.20
Peter Korsgaard
peter at korsgaard.com
Thu Nov 30 22:43:32 UTC 2023
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2023-47359: Videolan VLC prior to version 3.0.20 contains an
> incorrect offset read that leads to a Heap-Based Buffer Overflow in
> function GetPacket() and results in a memory corruption.
> Fix CVE-2023-47360: Videolan VLC prior to version 3.0.20 contains an
> Integer underflow that leads to an incorrect packet length.
> https://code.videolan.org/videolan/vlc/-/blob/3.0.20/NEWS
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2023.02.x and 2023.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list