| Errata ID | 565 |
|---|---|
| Date | 2019-08-22 |
| Source package | vlc |
| Fixed in version | 3.0.8-0+deb9u1 |
| Description | This update addresses the following issues: * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) * Fix a use after free in the ASF demuxer (CVE-2019-14533) * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) * Fix a null dereference in the ASF demuxer (CVE-2019-14534) * Fix a division by zero in the CAF demuxer (CVE-2019-14498) * Fix a division by zero in the ASF demuxer (CVE-2019-14535) |
| Additional notes | |
| CVE ID | CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438 CVE-2019-14498 CVE-2019-14533 CVE-2019-14534 CVE-2019-14535 CVE-2019-14776 CVE-2019-14777 CVE-2019-14778 CVE-2019-14970 |
| UCS Bug number | #50041 |
