2 files changed, 17 insertions, 2 deletions

diff --git a/profiles/ChangeLog b/profiles/ChangeLog
index 7fe96e955c0f..21d02e98ac31 100644
--- a/profiles/ChangeLog
+++ b/profiles/ChangeLog
@@ -1,11 +1,14 @@
 # ChangeLog for profile directory
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.9055 2014/06/08 12:53:55 mgorny Exp $
+# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.9056 2014/06/08 13:08:58 tomwij Exp $
 #
 # This ChangeLog should include records for all changes in profiles directory.
 # Only typo fixes which don't affect portage/repoman behaviour could be avoided
 # here. If in doubt put a record here!
 
+  08 Jun 2014; Tom Wijsman <TomWij@gentoo.org> package.mask:
+  Mask VLC ebuilds that are affected with security bug CVE-2013-6934.
+
   08 Jun 2014; Michał Górny <mgorny@gentoo.org> package.mask:
   Mask multilib libsoup & neon.
 
diff --git a/profiles/package.mask b/profiles/package.mask
index 315257458d05..c26b5edfea08 100644
--- a/profiles/package.mask
+++ b/profiles/package.mask
@@ -1,5 +1,5 @@
 ####################################################################
-# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15771 2014/06/08 12:53:55 mgorny Exp $
+# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15772 2014/06/08 13:08:58 tomwij Exp $
 #
 # When you add an entry to the top of this file, add your name, the date, and
 # an explanation of why something is getting masked. Please be extremely
@@ -30,6 +30,18 @@
 
 #--- END OF EXAMPLES ---
 
+# Tom Wijsman <TomWij@gentoo.org> (8 Jun 2014)
+# Mask VLC ebuilds that are affected with security bug CVE-2013-6934:
+# 
+#     A vulnerability has been discovered in VLC Media Player, which can be
+#     exploited by malicious people to compromise a user's system.
+#
+# Some ebuilds also have other buffer and integer overflow security bugs like
+# CVE-2013-1954, CVE-2013-3245, CVE-2013-4388 and CVE-2013-6283.
+#
+# Users should consider to upgrade VLC Media Player to at least version 2.1.2.
+<media-video/vlc-2.1.2
+
 # Tom Wijsman <TomWij@gentoo.org> (6 Jun 2014)
 # Mask gentoo-sources ebuilds that are affected with security bug CVE-2014-3153.
 #