-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4704-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 16, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vlc CVE ID : CVE-2020-13428 A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened. For the oldstable distribution (stretch), this problem has been fixed in version 3.0.11-0+deb9u1. For the stable distribution (buster), this problem has been fixed in version 3.0.11-0+deb10u1. We recommend that you upgrade your vlc packages. For the detailed security status of vlc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/vlc Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7pKl0ACgkQEMKTtsN8 TjbTIBAAj7j647Nb9YWdabn1oia2JnkW51K0lLrxKLgd3snfKkYG+gUMl1LBYLFG bnpUi45PwGBiF3JMX2ctB5ESOfFkN63YCX5ft+MAvmrL5crJ5wdK+KPptKBsojeN X2uUdtw8930IivY8DvW1DCZ2zPe8JvHNe+YnFitcL8i8m4mAz8XKm2NfN4eUhQDu M3QUidz2QI8QbrtqUGCv+h4USBGRyqUjpJfLv3eNClqYMjGkDo/WOxn4IL2uyLdh xsSritrCDeoyIYBGlahdeDOYJN+yvHFsTU9CjQGFInHzvQ2Dz2TlD+z+aItI2NZ1 FdJqJWXk5QRjVPVYBYPnhRoFSdwK9cGDx7dNxs5wbsc3PmhWW17TJgVBWNsFHu30 QhqySjrTP/VlMI8iObKBkPc43IaK5bo2vnZkdgQD8AKq+YpFdK+X+/fzEua1mrpX +RCFBehLSoEXSxiHBFMQhZDpJx0R3yXgbtXYp+U+vfcNkOSpAU7xlz88VK5cr82e uGCwQ0zte6mzAjywS+ZdfpTtNwN4i8qajryDSiNMsuEQnhbfifx7zi054oMBJyDI 8z/vLq6XrDdSTnUAMK5E12syJrNXrF78pYkm5XJitkZd8LoefMnaib3DMOP+1g6s t6TuRddR71NFr3SAzv4VDhlVcg5NI+kb1UIwD4v3JxkBTiU3lEc= =fsQa -----END PGP SIGNATURE-----