[SCM] mplayer packaging branch, etch, created. 378dd92ce55580d64906fbade5e0bf498a665f2a

siretart at users.alioth.debian.org siretart at users.alioth.debian.org
Wed Apr 15 22:29:59 UTC 2009 

The branch, etch has been created
        at  378dd92ce55580d64906fbade5e0bf498a665f2a (commit)

- Shortlog ------------------------------------------------------------
commit 378dd92ce55580d64906fbade5e0bf498a665f2a
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Thu Apr 16 00:21:38 2009 +0200

    update debian/changelog

commit 8e7101ce23a6ac073b04a64c4aa94d47531bde64
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Thu Apr 16 00:20:11 2009 +0200

    Security fix for CVE-2008-4866
    
    proposed changelog entry:
      * Fix buffer overflows in libavformat/utils.c
        Fixes: CVE-2008-4866
    
    corresponding upstream commit:
    
    ------------------------------------------------------------------------
    r14714 | bcoudurier | 2008-08-12 19:26:36 +0200 (Di, 12. Aug 2008) | 3 lines
    
    Prevent dts generation code to be executed when delay is > MAX_REORDER_DELAY,
    this fixes overflow in AVStream->pts_buffer.
    
    However, this patch seems to be adjusted. By whom is unknown, though.

commit 6744f9fd05b23a0a1b440d20c8b8ab0f62482bfc
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Thu Apr 16 00:06:47 2009 +0200

    Security fix for CVE-2009-0385
    
    Upstream commitmessage:
    
    ------------------------------------------------------------------------
    r16846 | michael | 2009-01-28 14:37:26 +0100 (Mi, 28. Jan 2009) | 4 lines
    
    Fix remotely exploitable arbitrary code execution vulnerability.
    Found by Tobias Klein / tk // trapkit / de /
    See: http://www.trapkit.de/advisories/TKADV2009-004.txt
    
    proposed changelog entry:
    
      * Fix integer signedness error in the fourxm_read_header function in
        libavformat/4xm.c
        Fixes: CVE-2009-0385
        See: http://www.trapkit.de/advisories/TKADV2009-004.txt

commit ec80cafe819b695382ffa4d409b220fc4c7a4b86
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Wed Apr 15 23:54:06 2009 +0200

    Security fix for CVE-2008-5616
    
    proposed changelog entry:
    
      * SA33136: MPlayer TwinVQ Processing Buffer Overflow Vulnerability
        Thanks to T. Klein, G. Iuculano, R. Döffinger  (Closes: #508803).
        CVE-2008-5616. Thanks to Steve Kemp <skx at debian.org> for preparing
        the patch.
    
    corresponding upstream commit:
    
    ------------------------------------------------------------------------
    r28149 | reimar | 2008-12-14 16:17:18 +0100 (So, 14. Dez 2008) | 3 lines
    
    Add extra checks to avoid crashes with broken vqf files.
    Fixes CVE-2008-5616

commit 2d66409643b37c5ca241ff5c14cbb05474ad0fb5
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Wed Apr 15 23:10:37 2009 +0200

    import patch for mplayer_1.0~rc1-12etch5.diff.gz

-----------------------------------------------------------------------

-- 
mplayer packaging

More information about the pkg-multimedia-commits mailing list