360 lines
15 KiB
JSON
360 lines
15 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20161220",
|
||
"Version": "oval:org.altlinux.errata:def:20161220",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2016-1220: package `vlc` update to version 2.2.2-alt1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch c10f1"
|
||
],
|
||
"Products": [
|
||
"ALT SP Workstation",
|
||
"ALT SP Server"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2016-1220",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2016-1220",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2019-03985",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2019-03985",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2015-5949",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-5949",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades vlc to version 2.2.2-alt1. \nSecurity Fix(es):\n\n * BDU:2019-03985: Уязвимость программы-медиапроигрывателя VideoLAN VLC, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * CVE-2015-5949: VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "Low",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2016-03-12"
|
||
},
|
||
"Updated": {
|
||
"Date": "2016-03-12"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2019-03985",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2019-03985",
|
||
"Impact": "Low",
|
||
"Public": "20150820"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2015-5949",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-5949",
|
||
"Impact": "Low",
|
||
"Public": "20150825"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:spworkstation:10",
|
||
"cpe:/o:alt:spserver:10"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220001",
|
||
"Comment": "fortunes-vlc is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220002",
|
||
"Comment": "libvlc is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220003",
|
||
"Comment": "libvlc-devel is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220004",
|
||
"Comment": "vim-plugin-vlc-syntax is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220005",
|
||
"Comment": "vlc is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220006",
|
||
"Comment": "vlc-interface-lirc is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220007",
|
||
"Comment": "vlc-interface-ncurses is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220008",
|
||
"Comment": "vlc-interface-qt4 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220009",
|
||
"Comment": "vlc-interface-skins2 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220010",
|
||
"Comment": "vlc-maxi is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220011",
|
||
"Comment": "vlc-mini is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220012",
|
||
"Comment": "vlc-plugin-a52 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220013",
|
||
"Comment": "vlc-plugin-aa is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220014",
|
||
"Comment": "vlc-plugin-ass is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220015",
|
||
"Comment": "vlc-plugin-audiocd is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220016",
|
||
"Comment": "vlc-plugin-bluray is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220017",
|
||
"Comment": "vlc-plugin-bonjour is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220018",
|
||
"Comment": "vlc-plugin-caca is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220019",
|
||
"Comment": "vlc-plugin-chromaprint is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220020",
|
||
"Comment": "vlc-plugin-dbus is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220021",
|
||
"Comment": "vlc-plugin-dca is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220022",
|
||
"Comment": "vlc-plugin-dv is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220023",
|
||
"Comment": "vlc-plugin-dvdnav is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220024",
|
||
"Comment": "vlc-plugin-dvdread is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220025",
|
||
"Comment": "vlc-plugin-ffmpeg is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220026",
|
||
"Comment": "vlc-plugin-flac is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220027",
|
||
"Comment": "vlc-plugin-fluidsynth is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220028",
|
||
"Comment": "vlc-plugin-framebuffer is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220029",
|
||
"Comment": "vlc-plugin-freetype is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220030",
|
||
"Comment": "vlc-plugin-globalhotkeys is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220031",
|
||
"Comment": "vlc-plugin-gnutls is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220032",
|
||
"Comment": "vlc-plugin-goom is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220033",
|
||
"Comment": "vlc-plugin-h264 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220034",
|
||
"Comment": "vlc-plugin-h265 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220035",
|
||
"Comment": "vlc-plugin-jack is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220036",
|
||
"Comment": "vlc-plugin-linsys is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220037",
|
||
"Comment": "vlc-plugin-live555 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220038",
|
||
"Comment": "vlc-plugin-mad is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220039",
|
||
"Comment": "vlc-plugin-matroska is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220040",
|
||
"Comment": "vlc-plugin-modplug is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220041",
|
||
"Comment": "vlc-plugin-mpeg2 is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220042",
|
||
"Comment": "vlc-plugin-mtp is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220043",
|
||
"Comment": "vlc-plugin-musepack is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220044",
|
||
"Comment": "vlc-plugin-notify is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220045",
|
||
"Comment": "vlc-plugin-ogg is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220046",
|
||
"Comment": "vlc-plugin-opus is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220047",
|
||
"Comment": "vlc-plugin-png is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220048",
|
||
"Comment": "vlc-plugin-podcast is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220049",
|
||
"Comment": "vlc-plugin-projectm is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220050",
|
||
"Comment": "vlc-plugin-pulseaudio is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220051",
|
||
"Comment": "vlc-plugin-rdp is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220052",
|
||
"Comment": "vlc-plugin-realrtsp is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220053",
|
||
"Comment": "vlc-plugin-schroedinger is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220054",
|
||
"Comment": "vlc-plugin-shout is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220055",
|
||
"Comment": "vlc-plugin-smb is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220056",
|
||
"Comment": "vlc-plugin-speex is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220057",
|
||
"Comment": "vlc-plugin-svg is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220058",
|
||
"Comment": "vlc-plugin-taglib is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220059",
|
||
"Comment": "vlc-plugin-theora is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220060",
|
||
"Comment": "vlc-plugin-twolame is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220061",
|
||
"Comment": "vlc-plugin-upnp is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220062",
|
||
"Comment": "vlc-plugin-v4l is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220063",
|
||
"Comment": "vlc-plugin-videocd is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220064",
|
||
"Comment": "vlc-plugin-vpx is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220065",
|
||
"Comment": "vlc-plugin-xcb is earlier than 0:2.2.2-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20161220066",
|
||
"Comment": "vlc-plugin-xml is earlier than 0:2.2.2-alt1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |