[SCM] vlc/squeeze: Make patches DEP-3 compliant.

bdrung at users.alioth.debian.org bdrung at users.alioth.debian.org
Mon Jan 24 21:30:59 UTC 2011 

The following commit has been merged in the squeeze branch:
commit e043a1b7cb81fab4ed22a304c5e2583ab8933aed
Author: Benjamin Drung <bdrung at ubuntu.com>
Date:   Mon Jan 24 22:13:49 2011 +0100

    Make patches DEP-3 compliant.

diff --git a/debian/patches/cdg-heap-overflow.diff b/debian/patches/cdg-heap-overflow.diff
index 307ebb0..d04e283 100644
--- a/debian/patches/cdg-heap-overflow.diff
+++ b/debian/patches/cdg-heap-overflow.diff
@@ -1,20 +1,16 @@
 Author: Dan Rosenberg <drosenberg at vsecurity.com>
 Subject: Fix heap overflows in CDG decoder
-
-    This patch resolves two heap corruption vulnerabilities in the CDG
-    decoder for VLC media player.  In both cases, a failure to properly
-    validate indexes into statically-sized arrays on the heap could allow a
-    maliciously crafted CDG video to corrupt the heap in a controlled
-    manner, potentially leading to code execution.
-    
-    The patch is against v1.1.5 from vlc git, but this decoder hasn't been
-    touched in awhile, so I'd expect it to cleanly apply to older versions.
-    I've tested it and confirmed it resolves the heap corruption issues and
-    does not break functionality.
-    
+ This patch resolves two heap corruption vulnerabilities in the CDG
+ decoder for VLC media player.  In both cases, a failure to properly
+ validate indexes into statically-sized arrays on the heap could allow a
+ maliciously crafted CDG video to corrupt the heap in a controlled
+ manner, potentially leading to code execution.
+ .
+ The patch is against v1.1.5 from vlc git, but this decoder hasn't been
+ touched in awhile, so I'd expect it to cleanly apply to older versions.
+ I've tested it and confirmed it resolves the heap corruption issues and
+ does not break functionality.
 Origin: upstream, http://git.videolan.org/gitweb.cgi?p=vlc/vlc-1.1.git;a=commit;h=d11fca8bf9dc058bcdf67d81c04f84f8905ad8b4
-Date:   Fri Jan 7 11:06:08 2011 -0500
-
 
 diff --git a/modules/codec/cdg.c b/modules/codec/cdg.c
 index 31ecd0e..fe7b62d 100644
diff --git a/debian/patches/xml-heap-corruption.diff b/debian/patches/xml-heap-corruption.diff
index 08a70db..3858320 100644
--- a/debian/patches/xml-heap-corruption.diff
+++ b/debian/patches/xml-heap-corruption.diff
@@ -1,5 +1,4 @@
 Author: Harry Sintonen <sintonen at iki.fi>
-Date:   Mon Jan 17 00:47:58 2011 +0200
 Subject: Handle early termination properly in StripTags
 Origin: upstream, http://git.videolan.org/gitweb.cgi?p=vlc/vlc-1.1.git;a=commit;h=dc14617f39c03bbe80c3cc4f92799dca840966eb
 

-- 
VLC media player packaging

More information about the pkg-multimedia-commits mailing list