lp:ubuntu/dapper-security/vlc
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/vlc
Branch merges
Branch information
Recent revisions
- 16. By Emanuele Gentili
-
* SECURITY UPDATE: (LP: #207284)
+ debian/patches/ 031_CVE- 2008-1489. dpatch
- Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted MP4 RDRF box that triggers a
heap-based buffer overflow.* References
+ http://www.cve. mitre.org/ cgi-bin/ cvename. cgi?name= 2008-1489
+ http://trac.videolan. org/vlc/ changeset/ 09572892df7e72c 0d4e598c0b5e076 cf330d8b0a - 15. By Emanuele Gentili
-
* SECURITY UPDATE:
- debian/patches/ CVE-2008- 0984.dpatch (LP: #195949)
+ VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer)
suffers from an arbitrary memory overwrite vulnerability when using
crash the player instance.* References
- http://cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2008- 0984
- http://www.videolan. org/security/ sa0802. html - 14. By magilus
-
Fix format string vulnerability with patch taken from Debian BTS
MOAB-02-01-2007- CVE-2007- 0017.dpatch, CVE-2007-0017. Closes Malone: #78610 - 13. By Daniel T Chen
-
"'Time to race', she said, 'Race the downhill'."
* Add debian/
patches/ 24_prefs_ stacking_ fix, fixing stacking in
Preferences dialog. Taken from upstream svn changeset 13795, thanks
to Bruce Cowan (Closes: Malone #31891).
* Demote ttf-freefont, ttf-thryomanes to Suggests as the former
provides bad metrics for Thai. See Debian #362071 for additional
information.
* Don't use gcc-snapshot as the compiler. See Debian #361729 for more
information.
* Make vlc.desktop HIG-compliant.
* Rebuild against new libebml-dev and libmatroska-dev, fixing crashes
with Matroska files (Closes: Malone #29644).
* Use our own faad2 and x264, fixing garbled graphics (Closes: Malone
#28539). Please see Debian #365389 if the inclusion of these
libraries stirs your ire. - 12. By Daniel T Chen
-
* Integrate updates from Debian:
- Enable support for zeroconf/bonjour, musepack decoding, and VCD
navigation (and adjust debian/{control, rules} accordingly, adding
debian/patches/ 22_avahi_ client_ 0.6_api) . - 11. By Oliver Grawert
-
* removed nonexistent xlibs-static-pic build dep to fix FTBFS
* changes UBUNTU_ENV from /usr/lib/mozilla- firefox/ xpidl
to /usr/lib/firefox/ xpidl to fix FTBFS
* added 21_gnome-screensaver- support. dpatch to automagically
disable screensavers while playing a movie - 10. By Daniel T Chen
-
* debian/control: Replace mozilla-dev build dependency with
firefox-dev. Change mozilla-plugin- vlc's Recommends appropriately.
Fixes FTBFS due to mozilla-dev muck on [!amd64].
* debian/rules: Elide Ubuntu modifications into UBUNTU_ENV to pass
to configure (MOZILLA_CONFIG= /usr/bin/ firefox- config ,
XPIDL=/usr/lib/ mozilla- firefox/ xpidl) - 8. By Daniel T Chen
-
* Resynchronise with Debian:
- Fix build dependency on GL headers.
- Reintegrate patch for HAL 0.5 API in src/libvlc.c(Debian# 332927) ,
fixing FTBFS.
- Fix broken mailcap entries in vlc.mime (Closes: Debian#340434,
Debian#339570).
- Make vlc depend on vlc-plugin-alsa (Closes: #3678, #4544).
- Fix unicast streaming (Closes: #4444). - 7. By Daniel T Chen
-
* New svn checkout to fix the Unicode issues once and for all that
forced build-depending on libwxgtk2.4-dev in Breezy. Change _back_
to build-depend on libwxgtk2.6-dev (Closes: #3179, #3505, #3559).
* Use hal patch from 0.8.4-svn20050920-3+hal0.
* debian/:
+ Major purge of unused dpatches.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/vlc