Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-10-04 20:59:21 UTC

* debian/vlc.postinst: Fix directory to symlink upgrade in postinst.
  Thanks to David Prévot <taffit@debian.org> (Closes: #687657)
* debian/vlc.preinst: Remove insufficient fix to #613121 (similar issue).
  Thanks to David Prévot for the patch.
* Cherry-pick fix for VLC hang caused by the notify plugin. (Closes: #662628,
  LP: #970447)
* Drop alternative dependency on transitional ttf-freefont.

Author: Benjamin Drung
Revision Date: 2012-07-24 00:44:39 UTC

* New bug-fixing upstream release (LP: #1025713).
* SECURITY UPDATE: Heap-based buffer overflow in the Ogg_DecodePacket function
  in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before
  2.0.2 allows remote attackers to cause a denial of service (application
  crash) and possibly execute arbitrary code via a crafted OGG file.
  - CVE-2012-3377

Author: Benjamin Drung
Revision Date: 2012-07-24 00:44:39 UTC

* New bug-fixing upstream release (LP: #1025713).
* SECURITY UPDATE: Heap-based buffer overflow in the Ogg_DecodePacket function
  in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before
  2.0.2 allows remote attackers to cause a denial of service (application
  crash) and possibly execute arbitrary code via a crafted OGG file.
  - CVE-2012-3377

Author: Benjamin Drung
Revision Date: 2012-07-24 00:44:39 UTC

* New bug-fixing upstream release (LP: #1025713).
* SECURITY UPDATE: Heap-based buffer overflow in the Ogg_DecodePacket function
  in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before
  2.0.2 allows remote attackers to cause a denial of service (application
  crash) and possibly execute arbitrary code via a crafted OGG file.
  - CVE-2012-3377

Author: Benjamin Drung
Revision Date: 2012-03-30 01:56:37 UTC

Add missing Breaks and Replaces for moving the documentation from vlc-data
away from /usr/share/doc/vlc before converting the directory into a symlink.
(Closes: #665743)

Author: <email address hidden>
Revision Date: 2012-02-29 01:36:12 UTC

Added keywords to the desktop file accordingto the new specifications

Author: Benjamin Drung
Revision Date: 2011-10-19 21:18:35 UTC

No-change backport to oneiric to fix PulseAudio support and other bugs.

Author: Benjamin Drung
Revision Date: 2011-10-19 21:18:35 UTC

No-change backport to oneiric to fix PulseAudio support and other bugs.

Author: Matthias Klose
Revision Date: 2011-09-03 22:04:14 UTC

Rebuild to drop dependencies on superseded libraries.

Author: Benjamin Drung
Revision Date: 2011-07-18 16:15:19 UTC

* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-07-18 16:10:28 UTC

* SECURITY UPDATE: Heap overflow in RealMedia demuxer (LP: #807486)
  - debian/patches/CVE-2011-2587.patch: real: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2587
  - VideoLAN-SA-1105
* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-07-18 15:48:36 UTC

* SECURITY UPDATE: Heap overflow in RealMedia demuxer (LP: #807486)
  - debian/patches/CVE-2011-2587.patch: real: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2587
  - VideoLAN-SA-1105
* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-07-18 16:10:28 UTC

* SECURITY UPDATE: Heap overflow in RealMedia demuxer (LP: #807486)
  - debian/patches/CVE-2011-2587.patch: real: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2587
  - VideoLAN-SA-1105
* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-07-18 16:15:19 UTC

* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-07-18 15:48:36 UTC

* SECURITY UPDATE: Heap overflow in RealMedia demuxer (LP: #807486)
  - debian/patches/CVE-2011-2587.patch: real: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2587
  - VideoLAN-SA-1105
* SECURITY UPDATE: Heap overflow in AVI demuxer (LP: #807488)
  - debian/patches/CVE-2011-2588.patch: AVI: fix heap buffer overflow,
    thanks to Rémi Denis-Courmont
  - CVE-2011-2588
  - VideoLAN-SA-1106

Author: Benjamin Drung
Revision Date: 2011-06-14 03:04:10 UTC

* Backport PulseAudio output plugin rewrite to fix memory leak. (LP: #743323)
* ASX: fix NULL derefence (LP: #785979)
* Qt: undo the FSC/KDE workaround (LP: #774581)
* Add Firefox 4 compatibility (LP: #722690)

Author: Benjamin Drung
Revision Date: 2011-04-14 11:51:25 UTC

* Merge from Debian unstable (LP: #760510), remaining changes:
  - build and install the libx264 plugin

Author: Nicola Ferralis
Revision Date: 2010-11-19 01:12:25 UTC

Fixed wrong aspect ratio in transcoded image from webcam. (LP: #672304)

Author: Benjamin Drung
Revision Date: 2010-09-05 02:20:35 UTC

* Merge from Debian experimental, remaining changes:
  - build and install the libx264 plugin

Author: Alessio Treglia
Revision Date: 2010-05-04 14:17:27 UTC

* debian/vlc{,-nox}.install:
  - Move libx264 plugin from vlc to vlc-nox (LP: #575054).
* debian/control:
  - Adjust vlc-nox Replaces field properly.

Author: Benjamin Drung
Revision Date: 2010-04-23 12:16:15 UTC

* Merge from Debian unstable, remaining changes:
  - build and install the libx264 plugin
  - add Xb-Npp header to vlc package
  - Add patches 519-526 to fix FTBFS with xulruner-1.9.2 from upstream
  - Add 600-drop-OJI-xul-192.patch to drop OJI support as xulrunner-1.9.2 on
    Linux doesn't support it
  - Add apport hook to include more vlc dependencies in bug reports
  - Drop --sourcedir=debian/tmp from dh_install to install apport hook
* Drop 527-spanish-desktop.patch (merged upstream).

Author: Peter Meiser
Revision Date: 2009-11-12 17:32:43 UTC

* add libupnp3-dev as build-dep to enable UPnP module (LP: #481448)
* add libcddb2-dev as build-dep to enable CDDB in the CDDA
  module (LP: #439131)
* add libxcb-keysyms1-dev as build-dep to enable globalhotkeys
  module (LP: #439077)

Author: Peter Meiser
Revision Date: 2009-11-12 17:32:43 UTC

* add libupnp3-dev as build-dep to enable UPnP module (LP: #481448)
* add libcddb2-dev as build-dep to enable CDDB in the CDDA
  module (LP: #439131)
* add libxcb-keysyms1-dev as build-dep to enable globalhotkeys
  module (LP: #439077)

Author: Reinhard Tartler
Revision Date: 2009-04-18 19:52:57 UTC

* Merge from debian which includes a small security fix.
* Adjusted Vcs fields to point to pkg-multimedia's git branch. The
  package is maintained in the 'jaunty' branch.
* Remaining changes to debian:
  - build against libxul-dev instead of iceape-dev
  - build against libass-dev and libx264-dev
  - build against and install libx264 plugin
  - add Xb-Npp header to vlc package
  - debian/patches/301_DVD_media.diff: Change %U to %f
     in VLC .desktop file, cf LP #275043
  - Remove arts from dependencies. (LP: #320915)
    - debian/control:
      - Remove libarts1-dev from build depends
      - Don't build package vlc-plugin-arts
      - Remove all notions of vlc-plugin-arts from packages descriptions
    - debian/rules:
      - Remove --enable-arts from confflags
    - Delete debian/vlc-plugin-arts.install
    - Delete debian/vlc-plugin-arts.links

Author: Reinhard Tartler
Revision Date: 2008-10-13 21:47:13 UTC

* link vlc to unicode enabled curses library. Thanks to Rafaël Carré for
  reporting.(LP: #282644)
* enable emedded video (LP: #282582)
* Autodetect screen while using Xinerama to toggle fullscreen (LP: #115419)

Author: Luke Yelavich
Revision Date: 2008-04-12 09:23:55 UTC

* debian/control: Make vlc-plugin-pulse a dependency of vlc, to enable pulseaudio
  by default. (LP: #208579)
* debian/patches/demuxer-fix.diff: Patch to fix FTBFS, thanks to Gentoo bug
  214809.

Author: Cesare Tirabassi
Revision Date: 2007-10-08 23:41:44 UTC

* Add patch 030_fix_exec_field_code:
  - fix opening multiple files leads to multiple instances (LP: #124712)

Author: Luke Yelavich
Revision Date: 2007-03-20 16:32:06 UTC

debian/control: Revert back to building against libwxgtk2.6-dev
(Closes LP: #91248)

Author: Daniel T Chen
Revision Date: 2006-10-18 01:31:36 UTC

* Merge from Debian unstable, remaining Ubuntu changes:
  - debian/control: Don't build-depend on libtwolame-dev, a newer
    version of libcaca-dev, or linux-kernel-headers (Ubuntu Edgy
    does not have them),
  - debian/patches/001_1008snap.{fixes,translations}.diff: Remove,
    this is a new upstream version, fixes FTBFS on translations,
  - debian/rules: Use Ubuntu-specific configure options (firefox).
* New upstream snapshot fixes wxvlc not stopping when 'close
  button' is clicked (Closes Ubuntu: #54630).
* New upstream snapshot has more robust x264 support
  (Closes: Ubuntu #62217).
* Segfault when using HTTP interface was fixed in
  0.8.6-svn20060918.debian-1ubuntu4 (Closes Ubuntu: #63833).
* New upstream snapshot should resolve issues with skins2/wxw
  interfaces (Closes: Ubuntu #64975).

Author: Daniel T Chen
Revision Date: 2006-05-23 03:42:19 UTC

"'Time to race', she said, 'Race the downhill'."

* Add debian/patches/24_prefs_stacking_fix, fixing stacking in
  Preferences dialog. Taken from upstream svn changeset 13795, thanks
  to Bruce Cowan (Closes: Malone #31891).
* Demote ttf-freefont, ttf-thryomanes to Suggests as the former
  provides bad metrics for Thai. See Debian #362071 for additional
  information.
* Don't use gcc-snapshot as the compiler. See Debian #361729 for more
  information.
* Make vlc.desktop HIG-compliant.
* Rebuild against new libebml-dev and libmatroska-dev, fixing crashes
  with Matroska files (Closes: Malone #29644).
* Use our own faad2 and x264, fixing garbled graphics (Closes: Malone
  #28539). Please see Debian #365389 if the inclusion of these
  libraries stirs your ire.

Author: Daniel T Chen
Revision Date: 2005-10-11 19:39:59 UTC

* debian/:
  + Let's not clobber our wxWidgets dialog completely by "chomping at
    the SVN-trunk bit". There are way too many necessary patches for
    wxWidgets. Thus, replace the libwxgtk2.6-dev Build-Depends with
    libwxgtk2.4-dev. At least playlist loading works again. Finally
    closes: #3062, #3064.
  + Disable Matroska support, since the version in the archive is too
    old to be useful on this build.
  + "I hate you libpostproc-dev", or the real reason ffmpeg needs to
    be included in the first place.

Author: Daniel T Chen
Revision Date: 2005-03-27 22:05:30 UTC

Really fix the .desktop entries.

Author: Sam Hocevar
Revision Date: 2004-06-25 11:55:33 UTC

extras/ffmpeg/configure: fixed HPPA architecture detection.

Author: Reinhard Tartler
Revision Date: 2009-10-19 21:19:26 UTC

PulseAudio: higher priority than ALSA, LP: #402018

Author: Marc Deslauriers
Revision Date: 2009-06-28 12:13:15 UTC

* SECURITY UPDATE: Arbitrary code execution via stack-based overflow in
  the Ty demux plugin (LP: #285922)
  - debian/patches/901_CVE-2008-4654.patch: don't overflow mst_buf in
    modules/demux/ty.c
  - CVE-2008-4654
* SECURITY UPDATE: Arbitrary code execution via integer overflows in
  the Ty demux plugin (LP: #285922)
  - debian/patches/902_CVE-2008-4686.patch: make some variables unsigned
    in modules/demux/ty.c so they don't overflow.
  - CVE-2008-4686
* SECURITY UPDATE: Arbitrary code execution via stack-based buffer
  overflow via invalid RealText subtitle file.
  - debian/patches/903_CVE-2008-5036.patch: limit sscanf sizes in
    modules/demux/subtitle.c
  - CVE-2008-5036
* SECURITY UPDATE: Arbitrary code execution via heap-based buffer
  overflow via malformed RealMedia file.
  - debian/patches/904_CVE-2008-5276.patch: replace malloc with calloc in
    modules/demux/real.c
  - CVE-2008-5276
* SECURITY UPDATE: Denial of service via long input argument.
  - debian/patches/905_CVE-2009-1045.patch: make sure we can't overflow
    psz_dup in src/input/input.c
  - CVE-2009-1045

Author: Marc Deslauriers
Revision Date: 2009-06-28 10:11:40 UTC

* SECURITY UPDATE: aribrary code execution via invalid cue image file.
  (LP: #294243)
  - debian/patches/042_CVE-2008-5032.diff: make sure we don't overflow
    p_sectors in modules/access/vcd/cdrom.c
  - CVE-2008-5032

Author: Marc Deslauriers
Revision Date: 2009-06-28 12:13:15 UTC

* SECURITY UPDATE: Arbitrary code execution via stack-based overflow in
  the Ty demux plugin (LP: #285922)
  - debian/patches/901_CVE-2008-4654.patch: don't overflow mst_buf in
    modules/demux/ty.c
  - CVE-2008-4654
* SECURITY UPDATE: Arbitrary code execution via integer overflows in
  the Ty demux plugin (LP: #285922)
  - debian/patches/902_CVE-2008-4686.patch: make some variables unsigned
    in modules/demux/ty.c so they don't overflow.
  - CVE-2008-4686
* SECURITY UPDATE: Arbitrary code execution via stack-based buffer
  overflow via invalid RealText subtitle file.
  - debian/patches/903_CVE-2008-5036.patch: limit sscanf sizes in
    modules/demux/subtitle.c
  - CVE-2008-5036
* SECURITY UPDATE: Arbitrary code execution via heap-based buffer
  overflow via malformed RealMedia file.
  - debian/patches/904_CVE-2008-5276.patch: replace malloc with calloc in
    modules/demux/real.c
  - CVE-2008-5276
* SECURITY UPDATE: Denial of service via long input argument.
  - debian/patches/905_CVE-2009-1045.patch: make sure we can't overflow
    psz_dup in src/input/input.c
  - CVE-2009-1045

Author: Emanuele Gentili
Revision Date: 2008-04-01 02:33:08 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.diff
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Marc Deslauriers
Revision Date: 2009-06-28 10:11:40 UTC

* SECURITY UPDATE: aribrary code execution via invalid cue image file.
  (LP: #294243)
  - debian/patches/042_CVE-2008-5032.diff: make sure we don't overflow
    p_sectors in modules/access/vcd/cdrom.c
  - CVE-2008-5032

Author: Emanuele Gentili
Revision Date: 2008-04-01 02:58:30 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.diff
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Emanuele Gentili
Revision Date: 2008-04-01 02:33:08 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.diff
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Emanuele Gentili
Revision Date: 2008-04-01 02:58:30 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.diff
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Emanuele Gentili
Revision Date: 2008-03-11 20:25:38 UTC

* SECURITY UPDATE:
  - debian/patches/CVE-2008-0984.patch (LP: #195949)
   + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
     suffers from an arbitrary memory overwrite vulnerability when using
     crash the player instance.

* References
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
  - http://www.videolan.org/security/sa0802.html

Author: John Dong
Revision Date: 2007-03-07 23:12:48 UTC

Automated backport upload; no source changes.

Author: Emanuele Gentili
Revision Date: 2008-03-11 20:25:38 UTC

* SECURITY UPDATE:
  - debian/patches/CVE-2008-0984.patch (LP: #195949)
   + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
     suffers from an arbitrary memory overwrite vulnerability when using
     crash the player instance.

* References
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
  - http://www.videolan.org/security/sa0802.html

Author: Emanuele Gentili
Revision Date: 2008-04-01 03:48:00 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.dpatch
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Emanuele Gentili
Revision Date: 2008-04-01 03:48:00 UTC

* SECURITY UPDATE: (LP: #207284)
 + debian/patches/031_CVE-2008-1489.dpatch
  - Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code via a crafted MP4 RDRF box that triggers a
    heap-based buffer overflow.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1489
 + http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Author: Ubuntu Archive Auto-Sync
Revision Date: 2005-11-18 17:18:19 UTC

Automated backport upload; no source changes.