[SCM] vlc/squeeze: Imported Debian patch 1.1.3-1squeeze5

xtophe-guest at users.alioth.debian.org xtophe-guest at users.alioth.debian.org
Tue Jul 19 20:25:05 UTC 2011 

The following commit has been merged in the squeeze branch:
commit ed4ff10d1f69c267dd91db32fad6efd283dd3bca
Author: Nico Golde <nion at debian.org>
Date:   Mon Apr 11 21:08:16 2011 +0000

    Imported Debian patch 1.1.3-1squeeze5

diff --git a/debian/changelog b/debian/changelog
index 2627988..343f1b9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+vlc (1.1.3-1squeeze5) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix heap-based buffer overflow in mp4 decoder, VideoLAN-SA-1103.
+
+ -- Nico Golde <nion at debian.org>  Mon, 11 Apr 2011 21:08:16 +0000
+
 vlc (1.1.3-1squeeze4) stable-security; urgency=high
 
   * CVE-2010-3275/CVE-2010-3276
diff --git a/debian/patches/debian-changes-1.1.3-1squeeze5 b/debian/patches/debian-changes-1.1.3-1squeeze5
new file mode 100644
index 0000000..1d96278
--- /dev/null
+++ b/debian/patches/debian-changes-1.1.3-1squeeze5
@@ -0,0 +1,37 @@
+Description: Upstream changes introduced in version 1.1.3-1squeeze5
+ This patch has been created by dpkg-source during the package build.
+ Here's the last changelog entry, hopefully it gives details on why
+ those changes were made:
+ .
+ vlc (1.1.3-1squeeze5) stable-security; urgency=high
+ .
+   * Non-maintainer upload by the Security Team.
+   * Fix heap-based buffer overflow in mp4 decoder, VideoLAN-SA-1103.
+ .
+ The person named in the Author field signed this changelog entry.
+Author: Nico Golde <nion at debian.org>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- vlc-1.1.3.orig/modules/demux/mp4/libmp4.c
++++ vlc-1.1.3/modules/demux/mp4/libmp4.c
+@@ -2247,7 +2247,7 @@ static int MP4_ReadBox_frma( stream_t *p
+ 
+ static int MP4_ReadBox_skcr( stream_t *p_stream, MP4_Box_t *p_box )
+ {
+-    MP4_READBOX_ENTER( MP4_Box_data_frma_t );
++    MP4_READBOX_ENTER( MP4_Box_data_skcr_t );
+ 
+     MP4_GET4BYTES( p_box->data.p_skcr->i_init );
+     MP4_GET4BYTES( p_box->data.p_skcr->i_encr );
diff --git a/debian/patches/series b/debian/patches/series
index 5233a50..f085002 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@ cdg-heap-overflow.diff
 xml-heap-corruption.diff
 mkv-input-validation.diff
 CVE-2010-3275-CVE-2010-3276.diff
+debian-changes-1.1.3-1squeeze5

-- 
VLC media player packaging

More information about the pkg-multimedia-commits mailing list