[SCM] vlc/maverick: Import Debian patch for 1.1.4-1ubuntu1.5
bdrung at users.alioth.debian.org
Sat Jun 11 19:22:07 UTC 2011
The following commit has been merged in the maverick branch:
commit bc190fd7dd423b0f1862dbda7e62251fd7feea48
Author: Benjamin Drung <bdrung at debian.org>
Date: Sat Jun 11 21:16:17 2011 +0200
Import Debian patch for 1.1.4-1ubuntu1.5
diff --git a/debian/changelog b/debian/changelog
index 198cfa2..7aed1f7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+vlc (1.1.4-1ubuntu1.5) maverick-security; urgency=low
+
+ * SECURITY UPDATE: arbitrary code execution via crafted width
+ - debian/patches/CVE-2010-327x.patch: limit video size to 8192x8192 in
+ src/video_output/video_output.c.
+ - CVE-2010-3275
+ - CVE-2010-3276
+ * SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
+ - debian/patches/CVE-2011-1684.patch: fix buffer overflow in
+ modules/demux/mp4/libmp4.c.
+ - CVE-2011-1684
+
+ -- Marc Deslauriers <marc.deslauriers at ubuntu.com> Wed, 13 Apr 2011 23:21:01 -0400
+
vlc (1.1.4-1ubuntu1.4) maverick-security; urgency=low
* SECURITY UPDATE: memory corruption, code execution (LP: #714089)
diff --git a/debian/patches/CVE-2010-327x.patch b/debian/patches/CVE-2010-327x.patch
new file mode 100644
index 0000000..1cfe2b8
--- /dev/null
+++ b/debian/patches/CVE-2010-327x.patch
@@ -0,0 +1,16 @@
+Description: fix arbitrary code execution via crafted width
+Origin: upstream, http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commitdiff;h=fe44129dc6509b3347113ab0e1a0524af1e0dd11
+
+Index: vlc-1.1.4/src/video_output/video_output.c
+===================================================================
+--- vlc-1.1.4.orig/src/video_output/video_output.c 2011-04-13 23:20:08.249417332 -0400
++++ vlc-1.1.4/src/video_output/video_output.c 2011-04-13 23:20:20.359417336 -0400
+@@ -297,7 +297,7 @@
+ char *psz_parser;
+ char *psz_name;
+
+- if( i_width <= 0 || i_height <= 0 )
++ if( i_width <= 0 || i_height <= 0 || i_width > 8192 || i_height > 8192 )
+ return NULL;
+
+ vlc_ureduce( &p_fmt->i_sar_num, &p_fmt->i_sar_den,
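Review bot: The new upper bound is the bare literal 8192 written twice, with nothing in the patch saying where the value comes from, so a later maintainer cannot tell whether it is a codec/hardware ceiling or simply a size that keeps width*height*bytes-per-pixel arithmetic downstream from overflowing. A named constant with a one-line comment would carry that, e.g. `#define VOUT_MAX_DIMENSION 8192 /* bounds w*h so later size arithmetic cannot overflow (CVE-2010-3275/3276) */` and `if( i_width <= 0 || i_height <= 0 || i_width > VOUT_MAX_DIMENSION || i_height > VOUT_MAX_DIMENSION )`. This also rejects legitimate streams wider or taller than 8192 pixels, which is a behaviour change worth recording in the patch Description rather than only in the changelog. The enclosing function starts and ends outside the hunk, so the types of i_width/i_height and how callers handle the NULL return cannot be confirmed from here.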
diff --git a/debian/patches/CVE-2011-1684.patch b/debian/patches/CVE-2011-1684.patch
new file mode 100644
index 0000000..c0d4e20
--- /dev/null
+++ b/debian/patches/CVE-2011-1684.patch
@@ -0,0 +1,17 @@
+Description: fix arbitrary code execution via mp4 file
+Origin: upstream, http://git.videolan.org/?p=vlc.git;a=commit;h=5637ca8141bf39f263ecdb62035d2cb45c740821
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/756368
+
+Index: vlc-1.1.4/modules/demux/mp4/libmp4.c
+===================================================================
+--- vlc-1.1.4.orig/modules/demux/mp4/libmp4.c 2011-04-13 23:20:47.869417347 -0400
++++ vlc-1.1.4/modules/demux/mp4/libmp4.c 2011-04-13 23:20:53.699417350 -0400
+@@ -2247,7 +2247,7 @@
+
+ static int MP4_ReadBox_skcr( stream_t *p_stream, MP4_Box_t *p_box )
+ {
+- MP4_READBOX_ENTER( MP4_Box_data_frma_t );
++ MP4_READBOX_ENTER( MP4_Box_data_skcr_t );
+
+ MP4_GET4BYTES( p_box->data.p_skcr->i_init );
+ MP4_GET4BYTES( p_box->data.p_skcr->i_encr );
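Review bot: The fix changes the type passed to MP4_READBOX_ENTER from MP4_Box_data_frma_t to MP4_Box_data_skcr_t, but nothing at the call site ties that argument to the p_skcr member written on the following lines, so the same copy-paste mismatch can silently recur in any other MP4_ReadBox_* reader; MP4_ReadBox_skcr continues past the end of the hunk. A comment above the macro call would make the invariant visible: `/* Type must match the union member written below (p_skcr): MP4_READBOX_ENTER sizes the allocation from it, and a smaller type overflows the heap (CVE-2011-1684). */`. The macro definition is not in the hunk, so that sizing behaviour is inferred from the CVE description and should be confirmed against libmp4.c. It would also be worth sweeping the other MP4_ReadBox_* functions in libmp4.c for a type name that does not match the data member they populate, since the compiler does not catch this bug class.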
diff --git a/debian/patches/series b/debian/patches/series
index 23967dc..fc72ac4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,3 +5,5 @@ CVE-2010-3907.diff
cdg-heap-overflow.diff
xml-heap-corruption.diff
mkv-input-validation.diff
+CVE-2010-327x.patch
+CVE-2011-1684.patch