Accepting request 798989 from multimedia:libs

Update to 3.0.10 OBS-URL: https://build.opensuse.org/request/show/798989 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vlc?expand=0&rev=106
2020-05-01 09:08:38 +00:00 · 2020-05-01 09:08:38 +00:00 · 02ffeca138
commit 02ffeca138
parent 23bb770596 83c6a06703
6 changed files with 30 additions and 10 deletions
--- a/vlc-3.0.10.tar.xz
+++ b/vlc-3.0.10.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a966abfc7f3b2ff3adaa130306ecaf5d6ad3b6dc73385fc9ab0c1204029d4c31
+size 26096828
--- a/vlc-3.0.10.tar.xz.asc
+++ b/vlc-3.0.10.tar.xz.asc
@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iF0EABECAB0WIQRl98a0IGvQV6frc3hxgHE75Y0a3AUCXqVsuQAKCRBxgHE75Y0a
+3DokAKDLRkUZfgwaLPmdkcknqccxOVU3UQCfQu2oX13ACYH38p72VVgQ2BkeZ0o=
+=QHh2
+-----END PGP SIGNATURE-----
--- a/vlc-3.0.9.2.tar.xz
+++ b/vlc-3.0.9.2.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a9bdad293d81cd48516abad8d490d8ab4012964ae541ff19e00021e071e47601
-size 25895876
--- a/vlc-3.0.9.2.tar.xz.asc
+++ b/vlc-3.0.9.2.tar.xz.asc
@ -1,6 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iF0EABECAB0WIQRl98a0IGvQV6frc3hxgHE75Y0a3AUCXo8OUQAKCRBxgHE75Y0a
-3MRuAJ9rw6YHNmAbLW1wHcAWVg+RDSDmLwCcCEXAfYzhkebOUtLNvf93QPWVd1s=
-=SUQV
-----END PGP SIGNATURE-----
--- a/vlc.changes
+++ b/vlc.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Apr 29 14:14:21 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 3.0.10:
+  +  Misc: Update Twitch & VLSub scripts.
+
 -------------------------------------------------------------------
 Thu Apr 16 16:10:19 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>

@ -142,6 +148,20 @@ Tue Aug 20 07:55:46 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
     - support HiDPI UI on Windows, with the switch to Qt5,
     - prepares the experimental support for Wayland on Linux, and
       switches to OpenGL by default on Linux.
+  + Security fixes included:
+    * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970)
+    * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962)
+    * Fix a read buffer overflow in the FAAD decoder
+    * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438)
+    * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776)
+    * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778)
+    * Fix a use after free in the ASF demuxer (CVE-2019-14533)
+    * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602)
+    * Fix a null dereference in the dvdnav demuxer
+    * Fix a null dereference in the ASF demuxer (CVE-2019-14534)
+    * Fix a null dereference in the AVI demuxer
+    * Fix a division by zero in the CAF demuxer (CVE-2019-14498)
+    * Fix a division by zero in the ASF demuxer (CVE-2019-14535)
 - Drop vlc-CVE-2019-13962.patch, vlc-CVE-2019-13602_1.patch and
  vlc-CVE-2019-13602_2.patch: fixed upstream.
 - Disbale mod-plug for the time being: libmodplug 0.8.9 is not yet
--- a/vlc.spec
+++ b/vlc.spec
@ -33,7 +33,7 @@
 %bcond_with faad
 %bcond_with fdk_aac
 Name:           vlc
-Version:        3.0.9.2
+Version:        3.0.10
 Release:        0
 Summary:        Graphical media player
 License:        GPL-2.0-or-later AND LGPL-2.1-or-later