Test ID:	1.3.6.1.4.1.25623.1.1.10.2019.0233
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2019-0233)
Summary:	The remote host is missing an update for the 'libebml, vlc' package(s) announced via the MGASA-2019-0233 advisory.
Description:	Summary: The remote host is missing an update for the 'libebml, vlc' package(s) announced via the MGASA-2019-0233 advisory. Vulnerability Insight: Updated vlc packages fixes security vulnerabilities: Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed (CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970). The vlc package has been updated to version 3.0.8, fixing these issues and other bugs. In Mageia 6, the libebml package has been updated to version 1.3.7, which is needed for Matroska support. Affected Software/OS: 'libebml, vlc' package(s) on Mageia 6, Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13602 BugTraq ID: 109158 http://www.securityfocus.com/bid/109158 Bugtraq: 20190821 [SECURITY] [DSA 4504-1] vlc security update (Google Search) https://seclists.org/bugtraq/2019/Aug/36 Debian Security Information: DSA-4504 (Google Search) https://www.debian.org/security/2019/dsa-4504 https://security.gentoo.org/glsa/201909-02 https://git.videolan.org/?p=vlc.git;a=commit;h=8e8e0d72447f8378244f5b4a3dcde036dbeb1491 https://git.videolan.org/?p=vlc.git;a=commit;h=b2b157076d9e94df34502dd8df0787deb940e938 SuSE Security Announcement: openSUSE-SU-2019:1840 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html SuSE Security Announcement: openSUSE-SU-2019:1897 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:1909 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html SuSE Security Announcement: openSUSE-SU-2019:2015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html SuSE Security Announcement: openSUSE-SU-2020:0545 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00036.html SuSE Security Announcement: openSUSE-SU-2020:0562 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00046.html https://usn.ubuntu.com/4074-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-13962 BugTraq ID: 109306 http://www.securityfocus.com/bid/109306 http://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=2b4f9d0b0e0861f262c90e9b9b94e7d53b864509 https://trac.videolan.org/vlc/ticket/22240 https://usn.ubuntu.com/4131-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-14437 Common Vulnerability Exposure (CVE) ID: CVE-2019-14438 Common Vulnerability Exposure (CVE) ID: CVE-2019-14498 Common Vulnerability Exposure (CVE) ID: CVE-2019-14533 Common Vulnerability Exposure (CVE) ID: CVE-2019-14534 Common Vulnerability Exposure (CVE) ID: CVE-2019-14535 Common Vulnerability Exposure (CVE) ID: CVE-2019-14776 Common Vulnerability Exposure (CVE) ID: CVE-2019-14777 Common Vulnerability Exposure (CVE) ID: CVE-2019-14778 Common Vulnerability Exposure (CVE) ID: CVE-2019-14970
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.