http://bugzilla.suse.com/show_bug.cgi?id=965227 Bug ID: 965227 Summary: security bug CVE 2015-5949 vlc Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Other Assignee: bnc-team-screening@forge.provo.novell.com Reporter: t.casavecchia@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 664513 --> http://bugzilla.suse.com/attachment.cgi?id=664513&action=edit debian patch Dear mantainer, dear developer, If I don't miss anything (I'm not very technical person), the package vlc in stable opensuse 13.2 and leap 42.1 is affected by bug CVE-2015-5949. here https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949 you can find more detailed information. Both debian and mageia backported upstream patch. In the alleged file (I hope it could help) I'am attaching debian patch (upstream patch is here https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d742... ). Thank for you work kind regards Tiziano -- You are receiving this mail because: You are on the CC list for the bug.