it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4671-1] vlc security update
- Date: Thu, 30 Apr 2020 20:48:04 +0000
- List-archive: https://lists.debian.org/msgid-search/20200430204804.GA3677 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Thu, 30 Apr 2020 20:48:20 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <G8u0JEL3_Y.A.ogD.UmzqeB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4671-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 30, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : vlc
CVE ID : CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077
CVE-2020-6078 CVE-2020-6079 CVE-2020-6080
Multiple security issues were discovered in the microdns plugin of the
VLC media player, which could result in denial of service or potentially
the execution of arbitrary code via malicious mDNS packets.
For the oldstable distribution (stretch), these problems have been fixed
in version 3.0.10-0+deb9u1. This update disables the microdns plugin.
For the stable distribution (buster), these problems have been fixed in
version 3.0.10-0+deb10u1. This update disables the microdns plugin.
We recommend that you upgrade your vlc packages.
For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vlc
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6rN7sACgkQEMKTtsN8
TjZAkQ//fhHYmKdfaGWZfJ1vP3Pm2EAOo+vyeZW9u/JkAPACoIuIUwsNaDnYMwI5
45ae4gMLZ0/luRMNkNSML0D+Qipzx1sm+FqkwkbitGO0KYyreagLvMLDZJAGaBTQ
3FeILf13nXV0Rx2Hx9PvvS09LX6DmypCIWWn8DabMs+OOEyeUGiM6JaCY81Ekihe
GBLsEpZQELFxbwSLv8GHjmPuV+uwu3JchK60moYwMpJgEo4Y+ngYDvWLX6PfAi6z
ost2gYeYbsAznZTHrCz7pPasCVLunWvapnZPyEDjMUcfyh+ieulaadjk0t5wMszO
Z8IdVe2JFeQhjZXhubEppUXxTtLWx4kjD+dknsVzu3wa8WPFw8Rad8xUJkYEvxgt
E0WZA6xXscKeltDtGDvTfnIDmrSE+wJE2kqTDZwx4b2ZyDwNL0kGCRdCKdBZopHi
Re5VXc30byoZj0C/w5KdYN1n8DXZRbNf5hm2atSBMbcIBgrktxOHRuut/+zw4tzp
t4LlgqlYcIsjaOWNUaO8hxuX1EAOhQT09X2da7mi6lu51zsUwhOM1BwQ5I5PK5T5
ydPwo434xkhlTEIcctxotM/eKLXExV8ExhPRD4qnGKE6TGfhQS8Fn8sFez5LSYI4
ScKTgN3WvW7eaE0MBxl3Dr+9JlSRaCbc2oDtHbPnFIFULeICFOw=
=qcxN
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4671-1] vlc security update, Moritz Muehlenhoff, 30.04.2020
Archiv bereitgestellt durch MHonArc 2.6.19.