VLC 2.2.1 has been released today (April 13): http://git.videolan.org/?p=vlc/vlc-2.2.git;a=blob;f=NEWS;h=a97c82bdd17eff97ef113af303594c37146b3c4d;hb=c4d471b0080a3534bb29e4894b7afff5540e1dae You can see all of the commits since 2.2.0 here: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=summary Two of the codec fixes (buffer overflow in schroedinger and NULL pointer dereference in dmo) could be security relevant. We should update this for Cauldron/Mageia 5. Reproducible: Steps to Reproduce:
CC: (none) => cjw
Updated in the SVN and I tested the tainted build locally. Now we need a Freeze Push request: shlomif[rpms]:$mageia/TO_DEL/vlc$ svn info Path: . Working Copy Root Path: /home/shlomif/Download/unpack/Mageia/TO_DEL/vlc URL: svn+ssh://svn.mageia.org/svn/packages/cauldron/vlc/current Relative URL: ^/cauldron/vlc/current Repository Root: svn+ssh://svn.mageia.org/svn/packages Repository UUID: 01bf705a-734c-4999-978a-dc8ab10ec44d Revision: 820177 Node Kind: directory Schedule: normal Last Changed Author: shlomif Last Changed Rev: 820177 Last Changed Date: 2015-04-14 11:38:02 +0300 (Tue, 14 Apr 2015) shlomif[rpms]:$mageia/TO_DEL/vlc$
vlc-2.2.1-1.mga5 uploaded for Cauldron. Thanks Shlomi!
Status: NEW => RESOLVEDResolution: (none) => FIXED