ALT-BU-2020-3895-1
Branch sisyphus update bulletin.
Package libspeexdsp updated to version 1.2.0-alt1_1 for branch sisyphus in task 254072.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-23903
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
Modified: 2024-11-21
CVE-2020-23904
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
Closed vulnerabilities
BDU:2020-03597
Уязвимость функции hxxx_AnnexB_to_xVC() программы-медиапроигрывателя Videolan VLC, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-13428
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
- http://git.videolan.org/?p=vlc/vlc-3.0.git%3Ba=commit%3Bh=d5c43c21c747ff30ed19fcca745dea3481c733e0
- https://github.com/videolan/vlc/commits/master/modules/packetizer/hxxx_nal.c
- https://github.com/videolan/vlc-3.0/releases/tag/3.0.11
- DSA-4704
- https://www.videolan.org/security/sb-vlc3011.html
- http://git.videolan.org/?p=vlc/vlc-3.0.git%3Ba=commit%3Bh=d5c43c21c747ff30ed19fcca745dea3481c733e0
- https://www.videolan.org/security/sb-vlc3011.html
- DSA-4704
- https://github.com/videolan/vlc-3.0/releases/tag/3.0.11
- https://github.com/videolan/vlc/commits/master/modules/packetizer/hxxx_nal.c
Package alt-customize-branding updated to version 1.0.9-alt1 for branch sisyphus in task 254103.
Closed bugs
В alt-customize-branding можно добавить несколько логотипов, но в итоге добавляется только один
Package googletest updated to version 1.10.0-alt1 for branch sisyphus in task 254111.
Closed bugs
release-1.10.0