[SCM] mplayer packaging branch, etch, created. 378dd92ce55580d64906fbade5e0bf498a665f2a
siretart at users.alioth.debian.org
siretart at users.alioth.debian.org
Wed Apr 15 22:29:59 UTC 2009
The branch, etch has been created
at 378dd92ce55580d64906fbade5e0bf498a665f2a (commit)
- Shortlog ------------------------------------------------------------
commit 378dd92ce55580d64906fbade5e0bf498a665f2a
Author: Reinhard Tartler <siretart at tauware.de>
Date: Thu Apr 16 00:21:38 2009 +0200
update debian/changelog
commit 8e7101ce23a6ac073b04a64c4aa94d47531bde64
Author: Reinhard Tartler <siretart at tauware.de>
Date: Thu Apr 16 00:20:11 2009 +0200
Security fix for CVE-2008-4866
proposed changelog entry:
* Fix buffer overflows in libavformat/utils.c
Fixes: CVE-2008-4866
corresponding upstream commit:
------------------------------------------------------------------------
r14714 | bcoudurier | 2008-08-12 19:26:36 +0200 (Di, 12. Aug 2008) | 3 lines
Prevent dts generation code to be executed when delay is > MAX_REORDER_DELAY,
this fixes overflow in AVStream->pts_buffer.
However, this patch seems to be adjusted. By whom is unknown, though.
commit 6744f9fd05b23a0a1b440d20c8b8ab0f62482bfc
Author: Reinhard Tartler <siretart at tauware.de>
Date: Thu Apr 16 00:06:47 2009 +0200
Security fix for CVE-2009-0385
Upstream commitmessage:
------------------------------------------------------------------------
r16846 | michael | 2009-01-28 14:37:26 +0100 (Mi, 28. Jan 2009) | 4 lines
Fix remotely exploitable arbitrary code execution vulnerability.
Found by Tobias Klein / tk // trapkit / de /
See: http://www.trapkit.de/advisories/TKADV2009-004.txt
proposed changelog entry:
* Fix integer signedness error in the fourxm_read_header function in
libavformat/4xm.c
Fixes: CVE-2009-0385
See: http://www.trapkit.de/advisories/TKADV2009-004.txt
commit ec80cafe819b695382ffa4d409b220fc4c7a4b86
Author: Reinhard Tartler <siretart at tauware.de>
Date: Wed Apr 15 23:54:06 2009 +0200
Security fix for CVE-2008-5616
proposed changelog entry:
* SA33136: MPlayer TwinVQ Processing Buffer Overflow Vulnerability
Thanks to T. Klein, G. Iuculano, R. Döffinger (Closes: #508803).
CVE-2008-5616. Thanks to Steve Kemp <skx at debian.org> for preparing
the patch.
corresponding upstream commit:
------------------------------------------------------------------------
r28149 | reimar | 2008-12-14 16:17:18 +0100 (So, 14. Dez 2008) | 3 lines
Add extra checks to avoid crashes with broken vqf files.
Fixes CVE-2008-5616
commit 2d66409643b37c5ca241ff5c14cbb05474ad0fb5
Author: Reinhard Tartler <siretart at tauware.de>
Date: Wed Apr 15 23:10:37 2009 +0200
import patch for mplayer_1.0~rc1-12etch5.diff.gz
-----------------------------------------------------------------------
--
mplayer packaging
More information about the pkg-multimedia-commits
mailing list