[SCM] vlc/squeeze: More DEP-3-fication.
bdrung-guest at users.alioth.debian.org
bdrung-guest at users.alioth.debian.org
Wed Dec 29 21:30:34 UTC 2010
The following commit has been merged in the squeeze branch:
commit 03539bf00fe5e1f0ddd8dea3e7e17aef0674e8ff
Author: Benjamin Drung <bdrung at ubuntu.com>
Date: Wed Dec 29 22:30:14 2010 +0100
More DEP-3-fication.
diff --git a/debian/patches/CVE-2010-3907.diff b/debian/patches/CVE-2010-3907.diff
index 0aae404..4899043 100644
--- a/debian/patches/CVE-2010-3907.diff
+++ b/debian/patches/CVE-2010-3907.diff
@@ -1,17 +1,9 @@
Subject: Real: fix heap buffer overflow (CVE-2010-3907)
+ Malformatted files may have a zero i_subpackets value. In this case,
+ we cannot use the array, but we still have to free it (calloc(0)).
Author: Rémi Denis-Courmont <remi at remlab.net>
-Origin: http://git.videolan.org/gitweb.cgi?p=vlc/vlc-1.1.git;a=commit;h=5264082844c1deb05585c245525fd55f9a9cab41
-Date: Wed Dec 15 00:08:59 2010 +0200
-
- Real: fix heap buffer overflow (CVE-2010-3907)
-
- Malformatted files may have a zero i_subpackets value. In this case,
- we cannot use the array, but we still have to free it (calloc(0)).
-
- This should fix LP#690173.
-
- Reported-by: Dan Rosenberg <drosenberg at vsecurity.com>
- (cherry picked from commit 6568965770f906d34d4aef83237842a5376adb55)
+Bug-Ubuntu: https://launchpad.net/bugs/690173
+Origin: upstream, http://git.videolan.org/gitweb.cgi?p=vlc/vlc-1.1.git;a=commit;h=5264082844c1deb05585c245525fd55f9a9cab41
diff --git a/modules/demux/real.c b/modules/demux/real.c
index dee5b52..e3b6a07 100644
--
VLC media player packaging
More information about the pkg-multimedia-commits
mailing list