[SCM] FFmpeg packaging branch, lenny, updated. debian/0.svn20080206-16-1-g3df3f9f
siretart at users.alioth.debian.org
siretart at users.alioth.debian.org
Tue Feb 10 07:47:16 UTC 2009
The following commit has been merged in the lenny branch:
commit 3df3f9fcac661d450a59fb9ad063e1c485f23b71
Author: Reinhard Tartler <siretart at tauware.de>
Date: Tue Feb 10 07:56:13 2009 +0100
bug fix: possible null ptr derefence in vp3.c (CVE-2008-4610) Closes: #509616
diff --git a/debian/changelog b/debian/changelog
index d71b17d..98b3867 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+ffmpeg-debian (0.svn20080206-17) unstable; urgency=medium
+
+ * bug fix: possible null ptr derefence in vp3.c (CVE-2008-4610)
+ Closes: #509616
+
+ -- Reinhard Tartler <siretart at tauware.de> Tue, 10 Feb 2009 07:55:39 +0100
+
ffmpeg-debian (0.svn20080206-16) unstable; urgency=low
* bug fix: denial-of-service attack (CVE-2008-3230) Closes: #498764
diff --git a/debian/patches/050_CVE-2008-4610.patch b/debian/patches/050_CVE-2008-4610.patch
new file mode 100644
index 0000000..95d4945
--- /dev/null
+++ b/debian/patches/050_CVE-2008-4610.patch
@@ -0,0 +1,48 @@
+------------------------------------------------------------------------
+r17090 | alexc | 2009-02-09 02:39:33 +0100 (Mo, 09. Feb 2009) | 2 lines
+
+VP3: Do not ignore error from read_huffman_tree().
+
+------------------------------------------------------------------------
+Index: libavcodec/vp3.c
+===================================================================
+--- a/libavcodec/vp3.c (Revision 17089)
++++ b/libavcodec/vp3.c (Revision 17090)
+@@ -2014,9 +2014,11 @@
+ }
+ s->huff_code_size++;
+ s->hbits <<= 1;
+- read_huffman_tree(avctx, gb);
++ if (read_huffman_tree(avctx, gb))
++ return -1;
+ s->hbits |= 1;
+- read_huffman_tree(avctx, gb);
++ if (read_huffman_tree(avctx, gb))
++ return -1;
+ s->hbits >>= 1;
+ s->huff_code_size--;
+ }
+@@ -2192,9 +2194,11 @@
+ s->huff_code_size = 1;
+ if (!get_bits1(gb)) {
+ s->hbits = 0;
+- read_huffman_tree(avctx, gb);
++ if(read_huffman_tree(avctx, gb))
++ return -1;
+ s->hbits = 1;
+- read_huffman_tree(avctx, gb);
++ if(read_huffman_tree(avctx, gb))
++ return -1;
+ }
+ }
+
+@@ -2250,7 +2254,8 @@
+ // theora_decode_comments(avctx, gb);
+ break;
+ case 0x82:
+- theora_decode_tables(avctx, &gb);
++ if (theora_decode_tables(avctx, &gb))
++ return -1;
+ break;
+ default:
+ av_log(avctx, AV_LOG_ERROR, "Unknown Theora config packet: %d\n", ptype&~0x80);
diff --git a/debian/patches/series b/debian/patches/series
index a9736a2..1c8716a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -11,6 +11,7 @@
050_CVE-2008-4866.patch
050_CVE-2008-4866-2.patch
050_CVE-2008-3230.patch
+050_CVE-2008-4610.patch
060_r14917_dca_max_frame_size.diff
060_r14937_dca_fix_scaling_factor.diff
060_r14964.dca_table.diff
--
FFmpeg packaging
More information about the pkg-multimedia-commits
mailing list