[SCM] vlc/squeeze: Imported Debian patch 1.1.3-1squeeze6

xtophe-guest at users.alioth.debian.org xtophe-guest at users.alioth.debian.org
Tue Jul 19 20:25:05 UTC 2011


The following commit has been merged in the squeeze branch:
commit e391f91f50308f2e1ac2eb69d925912a593a2268
Author: Nico Golde <nion at debian.org>
Date:   Wed Jun 8 21:38:25 2011 +0000

    Imported Debian patch 1.1.3-1squeeze6

diff --git a/debian/changelog b/debian/changelog
index 343f1b9..0e57600 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+vlc (1.1.3-1squeeze6) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix integer overflow in demux/playlist/xspf.c leading to heap
+    overflow (CVE-2011-2194). 
+
+ -- Nico Golde <nion at debian.org>  Wed, 08 Jun 2011 21:38:25 +0000
+
 vlc (1.1.3-1squeeze5) stable-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
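Review bot: the added line `overflow (CVE-2011-2194). ` ends with a trailing space, and the new entry does not name the patch file that carries the fix. Suggest dropping the trailing whitespace and mentioning debian/patches/CVE-2011-2194.diff in the bullet, so the changelog points a reader at the change itself.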
diff --git a/debian/patches/CVE-2011-2194.diff b/debian/patches/CVE-2011-2194.diff
new file mode 100644
index 0000000..416c406
--- /dev/null
+++ b/debian/patches/CVE-2011-2194.diff
@@ -0,0 +1,13 @@
+Index: vlc-1.1.3/modules/demux/playlist/xspf.c
+===================================================================
+--- vlc-1.1.3.orig/modules/demux/playlist/xspf.c	2011-06-08 21:37:30.000000000 +0000
++++ vlc-1.1.3/modules/demux/playlist/xspf.c	2011-06-08 21:38:05.000000000 +0000
+@@ -504,7 +504,7 @@
+                     }
+                     free( psz_uri );
+ 
+-                    if( p_sys->i_track_id < 0 )
++                    if( p_sys->i_track_id < 0 || p_sys->i_track_id >= (SIZE_MAX / sizeof(p_new_input)))
+                     {
+                         input_item_node_AppendNode( p_input_node, p_new_node );
+                         vlc_gc_decref( p_new_input );
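Review bot: the new upper bound in the xspf.c hunk at 504, `p_sys->i_track_id >= (SIZE_MAX / sizeof(p_new_input))`, takes `sizeof` of the variable `p_new_input` rather than of the element that the guarded allocation multiplies by, and that allocation is outside the hunk, so the bound cannot be checked against it from these lines. Suggest writing the divisor in terms of the array being sized (its element type, or `sizeof(*array)`) and deriving the limit from the exact size expression the allocation uses, so the check cannot drift from the multiplication it protects. The comparison also mixes a value tested as signed (`< 0`) with a `size_t` quotient; it is correct only because the `< 0` test short-circuits first, and an explicit `(size_t)` cast on the right-hand test would make that visible. An out-of-range id now takes the same branch as a negative one (node appended, `p_new_input` released); a one-line comment saying oversized ids are treated as absent would document that choice. The new patch file also has no description or origin header above the `Index:` line.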
diff --git a/debian/patches/series b/debian/patches/series
index f085002..2bfa34e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@ xml-heap-corruption.diff
 mkv-input-validation.diff
 CVE-2010-3275-CVE-2010-3276.diff
 debian-changes-1.1.3-1squeeze5
+CVE-2011-2194.diff

-- 
VLC media player packaging



More information about the pkg-multimedia-commits mailing list