[SCM] vlc/jessie: Import 2.2.0~rc2-2+deb8u1

sramacher at users.alioth.debian.org sramacher at users.alioth.debian.org
Sun Sep 13 17:32:44 UTC 2015


The following commit has been merged in the jessie branch:
commit 44dd73662cfa2e3056bc5659d210b1769dc6df4c
Author: Sebastian Ramacher <sramacher at debian.org>
Date:   Sun Sep 13 19:24:35 2015 +0200

    Import 2.2.0~rc2-2+deb8u1

diff --git a/debian/changelog b/debian/changelog
index 49bdb60..a084c54 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+vlc (2.2.0~rc2-2+deb8u1) jessie-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Add CVE-2015-5949.patch patch.
+    CVE-2015-5949: Insufficient restrictions on a writable buffer in the 3GP
+    file format parser can be exploited to execute arbitrary code via a
+    specially crafted 3GP file.
+
+ -- Salvatore Bonaccorso <carnil at debian.org>  Wed, 19 Aug 2015 15:45:17 +0200
+
 vlc (2.2.0~rc2-2) unstable; urgency=medium
 
   * debian/patches: Apply upstream patches for security vulnerabilities.
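Review bot: The changelog entry at "Add CVE-2015-5949.patch patch." describes the vulnerability but not the fix, and the word "patch" is doubled. Naming the changed code (modules/demux/mp4/libmp4.c, MP4_BoxFree) and the upstream commit from the patch header (ce91452460a75d7424b165c4dc8db98114c3cbd9) would let someone auditing the security upload match it to upstream without opening the patch file.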
diff --git a/debian/patches/CVE-2015-5949.patch b/debian/patches/CVE-2015-5949.patch
new file mode 100644
index 0000000..49ba07e
--- /dev/null
+++ b/debian/patches/CVE-2015-5949.patch
@@ -0,0 +1,29 @@
+From ce91452460a75d7424b165c4dc8db98114c3cbd9 Mon Sep 17 00:00:00 2001
+From: Francois Cartegnie <fcartegnie at free.fr>
+Date: Mon, 3 Aug 2015 15:17:32 +0200
+Subject: [PATCH] demux: mp4: correctly match release function
+
+Signed-off-by: Jean-Baptiste Kempf <jb at videolan.org>
+---
+ modules/demux/mp4/libmp4.c |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c
+index 331262b..f220e51 100644
+--- a/modules/demux/mp4/libmp4.c
++++ b/modules/demux/mp4/libmp4.c
+@@ -3643,6 +3643,11 @@ void MP4_BoxFree( stream_t *s, MP4_Box_t *p_box )
+     {
+         for( i_index = 0; ; i_index++ )
+         {
++            if ( MP4_Box_Function[i_index].i_parent &&
++                 p_box->p_father &&
++                 p_box->p_father->i_type != MP4_Box_Function[i_index].i_parent )
++                continue;
++
+             if( ( MP4_Box_Function[i_index].i_type == p_box->i_type )||
+                 ( MP4_Box_Function[i_index].i_type == 0 ) )
+             {
+-- 
+1.7.10.4
+
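Review bot: The added `continue` in MP4_BoxFree sits before the `MP4_Box_Function[i_index].i_type == 0` test, and the enclosing `for( i_index = 0; ; i_index++ )` has no bound of its own, so termination now relies on the catch-all table entry having `i_parent` equal to 0. If a terminating entry ever carried a non-zero `i_parent`, a box whose father has a different type would skip it and index past the end of the table. Either test `i_type == 0` before the parent filter or add a comment stating that invariant. The filter is also bypassed when `p_box->p_father` is NULL, so a parentless box still matches a parent-specific entry by `i_type` alone; it is worth confirming that this is intended. Finally, the subject "correctly match release function" does not mention CVE-2015-5949; a one-line description in the patch header tying the release-function mismatch to the CVE would help later reviewers.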
diff --git a/debian/patches/series b/debian/patches/series
index 80613b4..83ced6d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 codec-schroedinger-fix-potential-buffer-overflow.patch
 demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
 stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
+CVE-2015-5949.patch
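Review bot: The new series entry `CVE-2015-5949.patch` is named only by CVE id, while the three entries above it use descriptive names that identify the module (for example `demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch`). A name that carries both, such as a demux-mp4 prefix plus the CVE id, would keep the series readable and make it clear that this is a second fix in the same demuxer.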

-- 
VLC media player packaging


