{"id":"MGASA-2019-0233","summary":"Updated vlc packages fixes security vulnerabilities","details":"Updated vlc packages fixes security vulnerabilities:\n\nMultiple security issues were discovered in the VLC media player, which\ncould result in the execution of arbitrary code or denial of service if\na malformed file/stream is processed (CVE-2019-13602, CVE-2019-13962,\nCVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533,\nCVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777,\nCVE-2019-14778, CVE-2019-14970).\n\nThe vlc package has been updated to version 3.0.8, fixing these issues and\nother bugs.  In Mageia 6, the libebml package has been updated to version\n1.3.7, which is needed for Matroska support.\n","modified":"2026-04-16T04:40:41.696890870Z","published":"2019-08-31T13:22:36Z","upstream":["CVE-2019-13602","CVE-2019-13962","CVE-2019-14437","CVE-2019-14438","CVE-2019-14498","CVE-2019-14533","CVE-2019-14534","CVE-2019-14535","CVE-2019-14776","CVE-2019-14777","CVE-2019-14778","CVE-2019-14970"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0233.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25284"},{"type":"WEB","url":"https://www.videolan.org/security/sb-vlc308.html"},{"type":"WEB","url":"https://www.videolan.org/developers/vlc-branch/NEWS"},{"type":"WEB","url":"https://www.debian.org/security/2019/dsa-4504"}],"affected":[{"package":{"name":"vlc","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.8-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0233.json"}},{"package":{"name":"libebml","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/libebml?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.7-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0233.json"}},{"package":{"name":"vlc","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.8-1.mga6.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0233.json"}},{"package":{"name":"vlc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.8-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0233.json"}},{"package":{"name":"vlc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/vlc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.8-1.mga7.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0233.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}