[SCM] libav/jessie: Build with --disable-protocol=concat
sramacher at users.alioth.debian.org
sramacher at users.alioth.debian.org
Wed Jan 20 15:18:08 UTC 2016
The following commit has been merged in the jessie branch:
commit c09716d61e300f670cecd6b3e5c035d2303d2773
Author: Sebastian Ramacher <sramacher at debian.org>
Date: Wed Jan 20 14:21:43 2016 +0100
Build with --disable-protocol=concat
Fixes CVE-2016-1897 and CVE-2016-1898
diff --git a/debian/confflags b/debian/confflags
index 6910aa1..385956c 100644
--- a/debian/confflags
+++ b/debian/confflags
@@ -103,6 +103,8 @@ confflags += --libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
confflags += --prefix=/usr
confflags += $(shell test -x /usr/bin/yasm || echo --disable-yasm )
confflags += --disable-avserver
+# CVE-2016-1897 and CVE-2016-1898
+confflags += --disable-protocol=concat
ifeq ($(DEB_HOST_ARCH),armel)
# this is required on Ubuntu lucid as it defaults to thumb2 and Libav has
--
Libav/FFmpeg packaging
More information about the pkg-multimedia-commits
mailing list