lp:ubuntu/gutsy-updates/mplayer

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

34. By Stefan Lesicnik on 2008-10-10

* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
  earlier allow remote attackers to cause a denial of service
  (process termination) and possibly execute arbitrary code via a
  crafted video file that causes the stream_read function to read or
  write arbitrary memory (LP: #279030)
  - libmpdemux/demux_real.c: Address various integer underflows. Patch
    from oCert.org.
  - http://www.ocert.org/advisories/ocert-2008-013.html
  - CVE-2008-3827
* SECURITY UPDATE: Uncontrolled array index in the sdpplin_parse function in
  stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to
  overwrite memory and execute arbitrary code via a large streamid SDP
  parameter. (LP: #212601).
  - Cherrypicked rev 80 from lp:~ubuntu-dev/mplayer/ubuntu (William Grant)
    stream/realrtsp/sdpplin.c: Properly check the stream ID. Patch from
    upstream.
  - CVE-2008-1558

33. By William Grant on 2008-03-08

* SECURITY UPDATE: buffer overruns in RMMF, CDDB, MOV demuxer, FLAC header
  parser, and URL parser. (LP: #191488)
* stream/librtsp/rtsp_session.c, stream/realrtsp/rmff.c,
  stream/realrtsp/rmff.h, libmpdemux/demux_audio.c, libmpdemux/demux_mov.c,
  stream/stream_cddb.c, stream/url.c: Patches from upstream.
* References:
  - CVE-2008-0225
  - CVE-2008-0238
  - CVE-2008-0485
  - CVE-2008-0486
  - CVE-2008-0629
  - CVE-2008-0630

32. By William Grant on 2007-11-06

* SECURITY UPDATE: buffer overrun in mpdemux code (LP: #140891).
* libmpdemux/aviheader.c: Apply upstream patch.
* References:
  - CVE-2007-4938

31. By Laurent Bigonville on 2007-10-13

01_default_config.dpatch: Fix typo that prevent the screensaver to be
disabled (LP: #152080)

30. By Mario Limonciello on 2007-10-08

* Add 01_default_config.dpatch.
  - Sets screensaver by default for non gmplayer.
    (LP: #95038), (LP: #139770)
  - Sets xv as video output for gmplayer and mplayer.
    (LP: #65165), (LP: #146307)
* Add dpatch to build-depends in debian/control.
* Add dpatch support to debian/rules.

29. By Alfredo Matos on 2007-06-07

Added Network Audio System (NAS) support (LP: #110151)

28. By William Grant on 2007-06-06

SECURITY UPDATE: Upstream fix for CVE 2007-2948. Fixes a buffer overrun in
the cddb code. (LP: #118855)

27. By Sarah Kowalik on 2007-04-09

* Rebuild to get correct version of libdirectfb
* Modified Maintainer value to match Debian-Maintainer-Field Spec

26. By Nafallo Bjälevik on 2007-03-12

* Fix some formatting in our patches.
* etc/examples.conf:
  - Add ac=mad, to use libmad as first choice.
* debian/rules:
  - Reenable mp3lib again... *sigh*

25. By Nafallo Bjälevik on 2007-03-11

[ Christian Bjälevik ]
* debian/rules:
  - Add --disable-mp3lib to actually disable the damn thing.
* DOCS/man/en/mplayer.1:
  - Remove documentation about -vo aa:help (LP: #43301).
* Various files (see bzr diff for info):
  - Apply patch taken from Mandriva CVS (LP: #53947)
    to use dbus for disabling gnome-screensaver.

[ William Grant ]
* Enable LADSPA (LP: #67400)
  - Add ladspa-sdk to Build-Depends.