[SCM] vlc/maverick: Fix heap buffer overflow (CVE-2011-2587).
bdrung at users.alioth.debian.org
bdrung at users.alioth.debian.org
Mon Jul 18 14:58:58 UTC 2011
The following commit has been merged in the maverick branch:
commit 641791eee7e854fa299480627543e1f67db59d21
Author: Benjamin Drung <bdrung at debian.org>
Date: Mon Jul 18 16:09:05 2011 +0200
Fix heap buffer overflow (CVE-2011-2587).
diff --git a/debian/patches/CVE-2011-2587.patch b/debian/patches/CVE-2011-2587.patch
new file mode 100644
index 0000000..fa06ebd
--- /dev/null
+++ b/debian/patches/CVE-2011-2587.patch
@@ -0,0 +1,20 @@
+From: Rémi Denis-Courmont <remi at remlab.net>
+Subject: [PATCH 1/2] real: fix heap buffer overflow (CVE-2011-2587)
+Origin: upstream, http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commit;h=3e7f0de57218f76a77f6b1759970e8740fd6ef0c
+
+---
+ modules/demux/real.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+--- a/modules/demux/real.c
++++ b/modules/demux/real.c
+@@ -841,7 +841,8 @@
+ demux_sys_t *p_sys = p_demux->p_sys;
+ block_t *p_block = tk->p_sipr_packet;
+
+- if( p_sys->i_buffer < tk->i_frame_size )
++ if( p_sys->i_buffer < tk->i_frame_size
++ || tk->i_sipr_subpacket_count >= tk->i_subpacket_h )
+ return;
+
+ if( !p_block )
diff --git a/debian/patches/series b/debian/patches/series
index 6b7b54b..bb68ee6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@ mkv-input-validation.diff
CVE-2010-327x.patch
CVE-2011-1684.patch
fix-xspf-integer-overflow.patch
+CVE-2011-2587.patch
--
VLC media player packaging
More information about the pkg-multimedia-commits
mailing list