[SCM] VLC media player packaging branch, lucid, updated. debian/1.0.6-1ubuntu1-4-g20164f5
bdrung-guest at users.alioth.debian.org
Tue Aug 17 16:06:23 UTC 2010
The following commit has been merged in the lucid branch:
commit 20164f59deeb479753068375c10afaf12c7ca41f
Author: Benjamin Drung <bdrung at ubuntu.com>
Date: Tue Aug 17 18:05:51 2010 +0200
SECURITY UPDATE: Insufficient input validation in VLC TagLib plugin (LP: #616510).
* SECURITY UPDATE: Insufficient input validation in VLC TagLib plugin
(LP: #616510).
- debian/patches/CVE-2010-2937.patch: fix NULL dereferences after dynamic
cast, thanks to Lukáš Lalinský
- CVE-2010-2937
diff --git a/debian/changelog b/debian/changelog
index 15f5068..10b76b0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+vlc (1.0.6-1ubuntu1.2) lucid-security; urgency=low
+
+ * SECURITY UPDATE: Insufficient input validation in VLC TagLib plugin
+ (LP: #616510).
+ - debian/patches/CVE-2010-2937.patch: fix NULL deferences after dynamic
+ cast, thanks to Lukáš Lalinský
+ - CVE-2010-2937
+
+ -- Benjamin Drung <bdrung at ubuntu.com> Tue, 17 Aug 2010 17:14:14 +0200
+
vlc (1.0.6-1ubuntu1.1) lucid-proposed; urgency=low
* debian/vlc{,-nox}.install:
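Review bot: The new 1.0.6-1ubuntu1.2 entry spells the fix "NULL deferences"; it should read "NULL dereferences". The entry also names only the patch file, so consider adding that the checks land in ReadMetaFromId3v2 in modules/meta_engine/taglib.cpp, which lets someone reading the changelog alone see which code path the security update touches.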
diff --git a/debian/patches/CVE-2010-2937.patch b/debian/patches/CVE-2010-2937.patch
new file mode 100644
index 0000000..eda922e
--- /dev/null
+++ b/debian/patches/CVE-2010-2937.patch
@@ -0,0 +1,43 @@
+From: Lukáš Lalinský <lalinsky at gmail.com>
+Date: Wed, 11 Aug 2010 19:02:30 +0000 (+0300)
+Subject: taglib: fix NULL deferences after dynamic cast
+X-Git-Url: http://git.videolan.org/?p=vlc%2Fvlc-1.0.git;a=commitdiff_plain;h=22a22e356c9d93993086810b2e25b59b55925b3a
+
+taglib: fix NULL deferences after dynamic cast
+
+Reported-by: FortiGuard Lab
+Signed-off-by: Rémi Denis-Courmont <remi at remlab.net>
+(cherry picked from commit 0a3d05b4058fe683e2ef49da8ece9214ade01870)
+---
+
+diff --git a/modules/meta_engine/taglib.cpp b/modules/meta_engine/taglib.cpp
+index 43ac697..9faf922 100644
+--- a/modules/meta_engine/taglib.cpp
++++ b/modules/meta_engine/taglib.cpp
+@@ -120,6 +120,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+ {
+ ID3v2::UniqueFileIdentifierFrame* p_ufid =
+ dynamic_cast<ID3v2::UniqueFileIdentifierFrame*>(*iter);
++ if( !p_ufid )
++ continue;
+ const char *owner = p_ufid->owner().toCString();
+ if (!strcmp( owner, "http://musicbrainz.org" ))
+ {
+@@ -140,6 +142,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+ {
+ ID3v2::UserTextIdentificationFrame* p_txxx =
+ dynamic_cast<ID3v2::UserTextIdentificationFrame*>(*iter);
++ if( !p_txxx )
++ continue;
+ vlc_meta_AddExtra( p_meta, p_txxx->description().toCString( true ),
+ p_txxx->fieldList().toString().toCString( true ) );
+ }
+@@ -196,6 +200,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+ {
+ ID3v2::AttachedPictureFrame* p_apic =
+ dynamic_cast<ID3v2::AttachedPictureFrame*>(*iter);
++ if( !p_apic )
++ continue;
+ input_attachment_t *p_attachment;
+
+ const char *psz_mime;
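Review bot: At all three sites in ReadMetaFromId3v2 the added check (`if( !p_ufid ) continue;` and the p_txxx and p_apic equivalents) skips a frame that fails the dynamic_cast without leaving any trace, so a malformed tag is indistinguishable from one that simply lacks the frame. Consider a msg_Dbg( p_demux, ... ) before each continue so that such input shows up in the debug log. The hunks shown cover only these three casts, so it is also worth confirming that no other dynamic_cast result in taglib.cpp is used unchecked. Separately, the patch header records the upstream commit ids but neither CVE-2010-2937 nor LP: #616510; adding both keeps the patch traceable when it is read apart from debian/changelog.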
diff --git a/debian/patches/series b/debian/patches/series
index 04ed3d7..8b0fae6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@
524-Mozilla-More-fixes-for-XulRunner-1.9.2.patch
525-Mozilla-more-fixes.patch
600-drop-OJI-xul-192.patch
+CVE-2010-2937.patch
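Review bot: The appended series entry `CVE-2010-2937.patch` has no numeric prefix, unlike the neighbouring 524-, 525- and 600- entries, so the ordering convention of the series is no longer visible from the file names. Either give it the next number in the scheme or note in the changelog that security patches are deliberately kept unnumbered and applied last.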
--
VLC media player packaging