From 162520241bed94a9f5ded3140aa4664e1d4988f2 Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Tue, 17 Jun 2014 16:43:26 -0300 Subject: [PATCH] vlc: security bump to version 2.1.4 Fixes CVE-2014-1684: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- package/vlc/vlc.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/vlc/vlc.mk b/package/vlc/vlc.mk index 6eb7eead9b..6c4677aab6 100644 --- a/package/vlc/vlc.mk +++ b/package/vlc/vlc.mk @@ -4,7 +4,7 @@ # ################################################################################ -VLC_VERSION = 2.1.2 +VLC_VERSION = 2.1.4 VLC_SITE = http://download.videolan.org/pub/videolan/vlc/$(VLC_VERSION) VLC_SOURCE = vlc-$(VLC_VERSION).tar.xz VLC_LICENSE = GPLv2+ LGPLv2.1+ -- 2.30.2