Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[SECURITY] [DSA 2043-1] New vlc packages fix arbitrary code execution
From: Devin Carraway <devin () debian org>
Date: Tue, 11 May 2010 07:55:34 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2043-1                  security () debian org
http://www.debian.org/security/                           Devin Carraway
May 11, 2010                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : vlc
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no

tixxDZ (DZCORE labs) discovered a vulnerability in vlc, the multimedia
player and streamer.  Missing data validation in vlc's real data transport
(RDT) implementation enable an integer underflow and consequently an
unbounded buffer operation.  A maliciously crafted stream could thus enable
an attacker to execute arbitrary code.

No Common Vulnerabilities and Exposures project identifier is available for
this issue.

For the stable distribution (lenny), this problem has been fixed in version
0.8.6.h-4+lenny2.3.

For the testing distribution (squeeze), this problem was fixed in version
1.0.1-1.

We recommend that you upgrade your vlc packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3.dsc
    Size/MD5 checksum:     3082 6d0733f7509888eb5794b8472b99d7ff
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h.orig.tar.gz
    Size/MD5 checksum: 16977154 9b3e15802b482cb12e79d2eb8cc4ea98
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3.diff.gz
    Size/MD5 checksum:    45790 aecd1047e2c775dddb1f0c452997686b

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:     7030 1e0640617b2d1d7c134ce16b459dc6fb
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:     4482 3bca20543bb595afaf6f0ebc96677ac1
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:   749162 8eed672f93a157c73febe9c7dfe00721
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:  1313336 6d34c5e3d4777b5a5b25c1664f507d20
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:    13164 4725222d0582c115f74a288e3b7be295
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:     5098 fbd83718fd1250d9ae4108a01486ba8c
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:    42250 36c7161ebc7e4a4ade88e151940eaf7e
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:   547146 4355b40cd7e611559be74d5daf9d342b
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:     5360 70c37f4cc208060ae7344fd1660354f9
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_alpha.deb
    Size/MD5 checksum:  5364540 2aa006058086f601d18aa7092027d3b8

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:     6240 7befb38587bc66cc2664f5f4b9d6d856
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:  4940216 d39c277184ff2a04bac6dc74102b628b
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:    37430 0185809ddaf0680ef1b6bc39eb68f289
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:    11736 c0fab2bdad06343ae70ef3746148a04c
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:     4808 527812d4ce1f0fc35d94866cf63629d5
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:     4228 95638af8b9294baa29d9a0132c7c5aea
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:   464632 5318169f7995056f4d8f3f838845dd7f
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:     4584 5bde9f4290e94c6bea5fa360564eb398
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:     4992 5e95335f96d367c5fe6db33379c98134
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:  1098934 6490a07517c0c8ddd06d07c28fea4d3c
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_amd64.deb
    Size/MD5 checksum:   503602 f3283c7f83fa145e37451b1b387aa2b6

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:     5684 2e6aa6dffc515a4afeebb4cd3a193aca
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:   451878 bf1f672c4c4e572568cf7751c66f453d
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:     4922 21ed8194248ed5e72339d66ea3792a57
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:    30820 aab5ab73c2d6142053fe0e5abe834fb1
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:     6350 e2869ab1ec470e2a45cf48eec457f0ea
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:    11042 bd8a2681f5c185894e17483344233893
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:  1158368 88e369480b8fe8add632efdd10c7bed9
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:   437632 a0bf3dcdd2c821ed397cddf463a2534c
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:  4971362 090dc8593e8a5bdbdb4c4e7eeacde7cc
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_arm.deb
    Size/MD5 checksum:     4278 30350bf207d74bec71d8c9db809d985a

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:     5922 0ef769f9609e74497baf21c33ec9494a
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:  5070720 686ab823b16ca984ee47a0695a923d70
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:    30056 a5f194058ca21fbff12d109f30ec8a47
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:   452914 4bc5517c2e0441084dcec5046f170ae0
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:     6706 8b8078b164876103b56c421f6662d131
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:     7796 66988b70dad24695950ee0c247955cae
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:    12964 fc86ec663a5b27375bdff09f9762cdbc
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:     8122 ce00937f0c8fb058f4052d8689895eda
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:  1021850 c56637de8ac14c088b836f812d74161c
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_armel.deb
    Size/MD5 checksum:   436870 1185e33bcf082309719b5df0c85cb4a7

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:   541268 7e52c09f5b65f533c88b9621e5b072e1
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:     7018 070740f2de6d7b4f6aee0c517b56b682
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:   608482 e4c21fbcb51f5152e097105aed2f2c01
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:     7932 734f21c7ad5181e67d5cf9ad7d931529
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:  1294278 6ef4063de66524a9fe74c8562230330c
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:     5454 57a1cf387ba2eb58744bef5a1852463d
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:    42192 74c4f7ba543b3209030d7ec6bf7ca5c8
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:     5880 83890b578b1e2f2ff551dfc56f687a80
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:    13968 4e535f5d5f471b76f06462317bbeb946
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_hppa.deb
    Size/MD5 checksum:  5410024 eecb0ab5dc9ad84444153fd24c63e058

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     4862 0391368ff9ad6f2578326b75954719c4
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:    37000 f32955f458f5972e2207033ae4d9e5c7
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     5164 e2ffe015b93cc9254786dec4d4899802
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     4398 7bd8887cd72dabecc8d0fbb56081a88b
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:    11110 f82aa8b2e76f2f6c0b9e5d700c8b3aed
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     5260 89f63aca8a9bedba77eadc376a214537
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     4270 ed7191fc387f312c76d0190c82360972
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:  1086096 b85b2f3532b266ea4cd9f10d9cf378a9
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:   479830 c1315abfccc58a0296f94d230b488cc9
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:   462600 0ac807094d792fa08f8c57ee693029bb
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:  4982484 d3c59c4dbb6121da5ad29bf2302d8c57
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_i386.deb
    Size/MD5 checksum:     6138 a40c8b47730da46db0f35951e47c7ad5

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:   768354 e00a8927c8b939eb3c4ea80a4d47f84a
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:  6177172 5af7398ad77420866fac5f583bb75171
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:    17798 9b5b1c30becd2c11ccf71bfb2e6381d4
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:  1485690 8c531912a51d54584bd0156d6f2e8ff1
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:   879968 df20fffcf3db3547e1346abf8c63c0e5
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:     5460 6b3f9411a239a8fc735f9c367d15a7dc
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:     9342 4baee397c99f80c3a1a3f07c63862e13
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:     6530 314ed70fb71338bc690aaecb2722e532
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:    49164 4cf965a6bb7899e22bbf29be5e3ab1a5
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_ia64.deb
    Size/MD5 checksum:     6234 ac5ee4b3bafc91d5303dea2c6c119882

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:     6754 79c2f255cf9cdec5fa67531ecb978e6c
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:     5912 11c384b0c05c467f79b25dd8a081de43
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:    12004 d30bb915e6cbdd34c3391a15e15acd63
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:     5354 cd3920ed733fa9de04e0169f09262af4
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:   498620 3443b0f95fd28ca2914abcdb4bb8c600
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:  5172616 2fc36f4a8ad7ad7fcb6abc602778c54d
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:    32500 d96e42a270af6614f0d68c5891c829ec
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:  1017456 4f32848bc28c4c4252bc3ec9197dbf09
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:     4438 0ec174aba035daaaa4457334e805365b
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_mipsel.deb
    Size/MD5 checksum:   625374 d464c35b7e0f276cc5527ee9cf8c2a73

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:     6352 3d3be7e8e288da781921fbef509b2946
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:    40356 bfa7ed89b5dd22812f85ab7d49e2e878
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:     7460 2b3c0652a153d227e29d11ac204b9452
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:  5436812 039840ddd95bb6dcc1fbc41dfbfa3975
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:     8858 4d02322e4ecbb07be816c5e773bce01a
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:     7756 9b8a747d11797cb131316b15e125e504
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:   577042 41655820f0840397ef3859433388715b
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:    15316 f53174437c44cc1a1a36fe10473d678b
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:  1152232 227675a8c08866f2422232398f24ac83
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_powerpc.deb
    Size/MD5 checksum:   510766 70d5d4fc8c7e748ddff0c3fee613d7e4

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:    11430 21be5a24962b0b6b3c004b64e26f2d5e
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:  5077640 40ea5cda403ea5d2b435d8cd6047c938
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:     6570 d29886063467f952d24c85b1dd5c5608
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:     5984 7c89e70f6f971d07e6e555c107f5e1da
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:     4396 f0b70c6833b30d171c5262dec5c282a4
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:   517820 3e541ac71328e6b21fe48a2fba79b51e
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:  1133476 c372e810f0f898349a3911cdfa1df549
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:   492794 1055c3326741e472dd9e938791cc6f9f
  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:    38666 2f278774a90bee082d041191fac35739
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_s390.deb
    Size/MD5 checksum:     5502 dbb587797e52e5d14334b1d496bccd00

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:    33540 381f230f7b48a55975035534059e26f1
  http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:  1099470 00374604b1126ffc507189b591d10cca
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:     5934 248d16eda12621b0b40416424aa09fbd
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-jack_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:     4768 c16aee4a4530c35e6c86f7e729aadb6e
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:    10410 70ddca6ae178a0c17e61e38388bd3733
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:   482220 73c4554acdbdf7fd357802f6a7fa17d9
  http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:   438814 9197209c27e086cc5d26b1fa1ee08339
  http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:  4915278 24f3791bfbef97b0102853b9b1e32648
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:     4896 c96cddbc96bab48c57dc213707bbefbe
  http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6.h-4+lenny2.3_sparc.deb
    Size/MD5 checksum:     4018 4008065d59095a7de2d8063aeaa21603


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce () lists debian org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL6QwvU5XKDemr/NIRAsxwAKCbbs2A9J3Muny0GG48WRFn5dR7tgCeI1qH
bKJHSXG85lPFqUxRzJ86fHo=
=U3Fy
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [SECURITY] [DSA 2043-1] New vlc packages fix arbitrary code execution Devin Carraway (May 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]