r1531 - in /unstable/vlc/debian: changelog patches/408-CVE-2008-4686.diff patches/series
xtophe-guest at users.alioth.debian.org
xtophe-guest at users.alioth.debian.org
Tue Nov 4 20:54:56 UTC 2008
Author: xtophe-guest
Date: Tue Nov 4 20:54:56 2008
New Revision: 1531
URL: http://svn.debian.org/wsvn/pkg-multimedia/?sc=1&rev=1531
Log:
* Acknowledge NMU by Nico Golde. Thanks.
* Non-maintainer upload by the Security Team.
* Fix integer overflows that could possibly lead to arbitrary
code execution (CVE-2008-4686.diff; Closes: #503118).
Added:
unstable/vlc/debian/patches/408-CVE-2008-4686.diff
Modified:
unstable/vlc/debian/changelog
unstable/vlc/debian/patches/series
Modified: unstable/vlc/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-multimedia/unstable/vlc/debian/changelog?rev=1531&op=diff
==============================================================================
--- unstable/vlc/debian/changelog (original)
+++ unstable/vlc/debian/changelog Tue Nov 4 20:54:56 2008
@@ -1,3 +1,17 @@
+vlc (0.8.6.h-5) UNRELEASED; urgency=low
+
+ * Acknowledge NMU by Nico Golde. Thanks.
+
+ -- Christophe Mutricy <xtophe at videolan.org> Tue, 04 Nov 2008 21:55:43 +0100
+
+vlc (0.8.6.h-4.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix integer overflows that could possibly lead to arbitrary
+ code execution (CVE-2008-4686.diff; Closes: #503118).
+
+ -- Nico Golde <nion at debian.org> Mon, 03 Nov 2008 14:41:58 +0100
+
vlc (0.8.6.h-4) unstable; urgency=high
* Security: Fix integer overflow in mms module
Added: unstable/vlc/debian/patches/408-CVE-2008-4686.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/unstable/vlc/debian/patches/408-CVE-2008-4686.diff?rev=1531&op=file
==============================================================================
--- unstable/vlc/debian/patches/408-CVE-2008-4686.diff (added)
+++ unstable/vlc/debian/patches/408-CVE-2008-4686.diff Tue Nov 4 20:54:56 2008
@@ -1,0 +1,46 @@
+diff -Nurad vlc-0.8.6.h.orig/modules/demux/ty.c vlc-0.8.6.h/modules/demux/ty.c
+--- vlc-0.8.6.h.orig/modules/demux/ty.c 2008-11-01 14:10:36.000000000 +0100
++++ vlc-0.8.6.h/modules/demux/ty.c 2008-11-01 14:19:52.000000000 +0100
+@@ -129,8 +129,8 @@
+ mtime_t lastVideoPTS;
+
+ ty_rec_hdr_t *rec_hdrs; /* record headers array */
+- int i_cur_rec; /* current record in this chunk */
+- int i_num_recs; /* number of recs in this chunk */
++ unsigned i_cur_rec; /* current record in this chunk */
++ unsigned i_num_recs; /* number of recs in this chunk */
+ int i_seq_rec; /* record number where seq start is */
+ vlc_bool_t eof;
+ vlc_bool_t b_first_chunk;
+@@ -763,7 +763,7 @@
+ {
+ demux_sys_t *p_sys = p_demux->p_sys;
+ int64_t seek_pos = p_sys->i_stream_size * seek_pct;
+- int i;
++ unsigned i;
+ long l_skip_amt;
+
+ /* if we're not seekable, there's nothing to do */
+@@ -856,7 +856,8 @@
+ /* =========================================================================== */
+ static int get_chunk_header(demux_t *p_demux)
+ {
+- int i_readSize, i_num_recs, i;
++ uint32_t i, i_readSize;
++ unsigned i_num_recs;
+ uint8_t packet_header[4];
+ uint8_t record_header[16];
+ ty_rec_hdr_t *p_rec_hdr;
+@@ -914,7 +915,11 @@
+ /* parse headers into array */
+ if (p_sys->rec_hdrs)
+ free(p_sys->rec_hdrs);
+- p_sys->rec_hdrs = malloc(i_num_recs * sizeof(ty_rec_hdr_t));
++ p_sys->rec_hdrs = calloc(i_num_recs, sizeof(ty_rec_hdr_t));
++ if(!p_sys->rec_hdrs){
++ i_num_recs = 0;
++ return;
++ }
+ for (i = 0; i < i_num_recs; i++)
+ {
+ i_readSize = stream_Read( p_demux->s, record_header, 16 );
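Review bot: The allocation-failure branch added after the `calloc` in `get_chunk_header` ends in a bare `return;` although the function is declared `static int`, so the caller would read an indeterminate result; it should return the function's explicit failure value (the other return paths are outside this hunk). The branch also zeroes only the local `i_num_recs`, which is dead after the return. If the count was already copied into `p_sys->i_num_recs` earlier in the function (not visible here), `rec_hdrs` stays NULL with a non-zero record count and later indexing would dereference NULL, so the shared field should be reset with `p_sys->i_num_recs = 0;` instead. `calloc(0, ...)` may also legitimately return NULL, so a chunk that declares zero records would take this failure path. With `i_readSize` now `uint32_t`, a negative return from `stream_Read` (if it can produce one) would become a large positive value, so the size checks that follow the read should be confirmed to still reject it.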
Modified: unstable/vlc/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-multimedia/unstable/vlc/debian/patches/series?rev=1531&op=diff
==============================================================================
--- unstable/vlc/debian/patches/series (original)
+++ unstable/vlc/debian/patches/series Tue Nov 4 20:54:56 2008
@@ -11,3 +11,4 @@
405-CVE-2008-3732.diff
406-live555-crash.diff
407-mms-overflow.diff
+408-CVE-2008-4686.diff