lp:ubuntu/gutsy-updates/mplayer
- Get this branch:
- bzr branch lp:ubuntu/gutsy-updates/mplayer
Branch merges
Branch information
Recent revisions
- 34. By Stefan Lesicnik
-
* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
earlier allow remote attackers to cause a denial of service
(process termination) and possibly execute arbitrary code via a
crafted video file that causes the stream_read function to read or
write arbitrary memory (LP: #279030)
- libmpdemux/demux_real. c: Address various integer underflows. Patch
from oCert.org.
- http://www.ocert. org/advisories/ ocert-2008- 013.html
- CVE-2008-3827
* SECURITY UPDATE: Uncontrolled array index in the sdpplin_parse function in
stream/realrtsp/ sdpplin. c in MPlayer 1.0 rc2 allows remote attackers to
overwrite memory and execute arbitrary code via a large streamid SDP
parameter. (LP: #212601).
- Cherrypicked rev 80 from lp:~ubuntu-dev/mplayer/ubuntu (William Grant)
stream/realrtsp/ sdpplin. c: Properly check the stream ID. Patch from
upstream.
- CVE-2008-1558 - 33. By William Grant
-
* SECURITY UPDATE: buffer overruns in RMMF, CDDB, MOV demuxer, FLAC header
parser, and URL parser. (LP: #191488)
* stream/librtsp/ rtsp_session. c, stream/ realrtsp/ rmff.c,
stream/realrtsp/ rmff.h, libmpdemux/ demux_audio. c, libmpdemux/ demux_mov. c,
stream/stream_ cddb.c, stream/url.c: Patches from upstream.
* References:
- CVE-2008-0225
- CVE-2008-0238
- CVE-2008-0485
- CVE-2008-0486
- CVE-2008-0629
- CVE-2008-0630 - 32. By William Grant
-
* SECURITY UPDATE: buffer overrun in mpdemux code (LP: #140891).
* libmpdemux/aviheader. c: Apply upstream patch.
* References:
- CVE-2007-4938 - 31. By Laurent Bigonville
-
01_default_
config. dpatch: Fix typo that prevent the screensaver to be
disabled (LP: #152080) - 30. By Mario Limonciello
-
* Add 01_default_
config. dpatch.
- Sets screensaver by default for non gmplayer.
(LP: #95038), (LP: #139770)
- Sets xv as video output for gmplayer and mplayer.
(LP: #65165), (LP: #146307)
* Add dpatch to build-depends in debian/control.
* Add dpatch support to debian/rules. - 28. By William Grant
-
SECURITY UPDATE: Upstream fix for CVE 2007-2948. Fixes a buffer overrun in
the cddb code. (LP: #118855) - 27. By Sarah Kowalik
-
* Rebuild to get correct version of libdirectfb
* Modified Maintainer value to match Debian-Maintainer- Field Spec - 26. By Nafallo Bjälevik
-
* Fix some formatting in our patches.
* etc/examples.conf:
- Add ac=mad, to use libmad as first choice.
* debian/rules:
- Reenable mp3lib again... *sigh* - 25. By Nafallo Bjälevik
-
[ Christian Bjälevik ]
* debian/rules:
- Add --disable-mp3lib to actually disable the damn thing.
* DOCS/man/en/mplayer. 1:
- Remove documentation about -vo aa:help (LP: #43301).
* Various files (see bzr diff for info):
- Apply patch taken from Mandriva CVS (LP: #53947)
to use dbus for disabling gnome-screensaver.[ William Grant ]
* Enable LADSPA (LP: #67400)
- Add ladspa-sdk to Build-Depends.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/mplayer