Commits
Bernd Kuhls committed 7b27be82f1d
package/vlc: security bump version to 2.2.6 Fixes CVE-2017-8312: Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file. [Peter: add CVE info] Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> (cherry picked from commit b2f2f92887df5333772a9d0b75b5c4cb5675dd88) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>