From cb770716e38ee6474bb38f4be9dda50736c1d4f9 Mon Sep 17 00:00:00 2001
From: Aldas Nabazas <aldas@opensde.net>
Date: Sat, 26 Apr 2008 19:35:20 +0200
Subject: [PATCH] [vlc] Updated (0.8.6e -> 0.8.6f) : SECURITY - MEDIUM

CVE-2008-1768 (Medium) :
Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of
service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which
triggers a buffer overflow.

CVE-2008-1769 (Medium) :
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted
Cinepak file that triggers an out-of-bounds array access and memory corruption.
---
 multimedia/vlc/vlc.desc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/multimedia/vlc/vlc.desc b/multimedia/vlc/vlc.desc
index 66627e595..1b1ed1927 100644
--- a/multimedia/vlc/vlc.desc
+++ b/multimedia/vlc/vlc.desc
@@ -31,9 +31,9 @@
 
 [L] GPL
 [S] Beta
-[V] 0.8.6e
+[V] 0.8.6f
 [P] X -----5---9 304.500
 
 [CV-URL] http://www.videolan.org/vlc/download-sources.html
 
-[D] 3590784363 vlc-0.8.6e.tar.bz2 http://www.videolan.org/pub/vlc/0.8.6e/
+[D] 2847639860 vlc-0.8.6f.tar.bz2 http://www.videolan.org/pub/vlc/0.8.6f/