openSUSE Security Update : vlc (openSUSE-SU-2015:0201-1)
Medium Nessus Plugin ID 81199
SynopsisThe remote openSUSE host is missing a security update.
Descriptionvlc was updated to the current openSUSE Tumbleweed version.
live555 was also updated to the current openSUSE Tumbleweed version as a dependency.
Security issues fixed :
- Fix various buffer overflows and null ptr dereferencing (boo#914268, CVE-2014-9625).
Other fixes :
- Enable SSE2 instruction set for x86_64
- Disable fluidsynth again: the crashes we had earlier are still not all fixed. They are less, but less common makes it more difficult to debug.
On openSUSE 13.1 :
- Update to version 2.1.5 :
+ Core: Fix compilation on OS/2.
+ Access: Stability improvements for the QTSound capture module.
+ Mac OS X audio output :
- Fix channel ordering.
- Increase the buffersize.
+ Decoders :
- Fix DxVA2 decoding of samples needing more surfaces.
- Improve MAD resistance to broken mp3 streams.
- Fix PGS alignment in MKV.
+ Qt Interface: Don't rename mp3 converted files to .raw.
+ Mac OS X Interface :
- Correctly support video-on-top.
- Fix video output event propagation on Macs with retina displays.
- Stability improvements when using future VLC releases side by side.
+ Streaming: Fix transcode when audio format changes.
+ Updated translations.
- Update to version 2.1.4 :
+ Demuxers: Fix issue in WMV with multiple compressed payload and empty payloads.
+ Video Output: Fix subtitles size rendering on Windows.
+ Mac OS X :
- Fix DVD playback regression.
- Fix misleading error message during video playback on OS X 10.9.
- Fix hardware acceleration memleaks.
SolutionUpdate the affected vlc packages.