Ubuntu
xine-lib package

lp:ubuntu/gutsy-security/xine-lib

  1. Gutsy (7.10)
  2. gutsy-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/gutsy-security/xine-lib
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

34. By Marc Deslauriers

* REGRESSION: Broken size checks in CVE-2008-5239 input plugins patch
  (LP: #322834)
  - src/input/input_*.c: fix the size checks broken by the previous
    security update.
  - http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=b11cc37934629a2965859163db6095fbbe2b44be;style=gitweb
  - CVE-2008-5239
* SECURITY UPDATE: Integer overflow in the 4xm demuxer
  - src/demuxers/demux_4xm.c: Make sure we don't overflow
    fourxm->track_count.
  - http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=ba872682eba8a10217c48b7fe21f0fa763ef4af3;style=gitweb
  - CVE-2009-0698

33. By Marc Deslauriers

* SECURITY UPDATE: backported security fixes from upstream xine-lib hg repo:
  - src/demuxers/demux_matroska.c: avoid segfault on invalid track type in
    Matroska files.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=7b472fa486db;style=gitweb
  - src/libffmpeg/ff_video_decoder.c: fix heap buffer overflow in the ffmpeg
    video decoder.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=ffb2e82d7bb77e87492734f72c2e5d21fb9ad2c0;style=gitweb
  - misc/cdda_server.c: fix integer overflow in the the CDDA server.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=30eb014e9b320035de309ee442ebbff6d405987b;style=gitweb
  - src/demuxers/demux_{ogg,avi,asf}.c: fix crashes with fuzzed media files.
    (CVE-2008-3231)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=967a8e515380c0c9b9858125a054082145002d00;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=67bfec7af3472674ba7396bd468b7607339fe102;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=4519eeeda3b3a20489b3699693d801c3696221da;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=18059453374c49ebfc9660dcc34acc28afa57d17;style=gitweb
  - src/demuxers/demux_{mng,mod}.c: add some checks for memory allocation
    failures. (CVE-2008-5233)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=35f09930323e46c92e521846b9ccdfd5e277ad16;style=gitweb
  - src/demuxers/demux_qt.c: fix heap overflow in Quicktime atom parsing.
    (CVE-2008-5234, CVE-2008-5242)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=6e81eec36701;style=gitweb
  - src/demuxers/demux_matroska.c: fix buffer overflows in Matroska demuxer.
    (CVE-2008-5236)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=e38bb4b22431123997a16a186fe8beb4edcfef87;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=8e125da9ecbe;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=b01a02595343;style=gitweb
  - src/demuxers/demux_{mng,qt}.c: fix integer overflows in MNG and QT
    demuxers. (CVE-2008-5237)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=9c97a9a9ba17a487116a198d80a74ec7879aa801;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=65f524e14623;style=gitweb
  - src/demuxers/{demux_matroska.c,demux_mod.c,id3.h}: use size_t for data
    length variables where there may be int overflows. (CVE-2008-5238)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a0830dddbd35625069506a9c49321317cbab8a2d;style=gitweb
  - src/{input,demuxers}/*.c: fix out-of-bounds reads and heap-based buffer
    overflows from unchecked or incompletely-checked read function results.
    (CVE-2008-5239)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=7fb21abb15e5a7311a2c157721ddfab0a47090ab;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=5df277a7eec3;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=f775929597b1c10142e51674ee02e041b1b87df4;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=e6efc6d566961ab231686c1ee18044f2d45a2b4a;style=gitweb
  - src/demuxers/demux_real.c: fix unchecked malloc using untrusted values.
    (CVE-2008-5240)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=01753933e6647ed29226f18e4489ce034b569d65;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=071dc93156e6940a7f1b8bb38762d521dd5731e8;style=gitweb
  - src/demuxers/demux_qt.c: fix integer underflow in qt compressed atom
    handling. (CVE-2008-5241)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a57d5ef86b65bcc195a5358125fdb34e10a37bb4;style=gitweb
  - src/demuxers/demux_real.c: fix buffer indexing using untrusted or
    unchecked values. (CVE-2008-5243)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=4982c9920f42657d0797145bf197127f18d8972c;style=gitweb
  - src/libfaad/*: updated to libfaad 2.6.1 to fix crashes with corrupted
    AAC files. This was done by applying the upstream changeset to xine-lib
    from Hardy and copying over the libfaad directory to this version.
    (CVE-2008-5244)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=18c0264660b951b8e5672f1a66d1bcecdfeb6ea8;style=gitweb
  - src/demuxers/id3.c: fix an exploitable ID3 heap buffer overflow.
    (CVE-2008-5246)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=268c1c1639d766d92b7e7bb11de7b38482ebe8e9;style=gitweb
  - src/xine-engine/info_helper.c: fix crashes with MP3 files with metadata
    consisting only of separators. (CVE-2008-5248)
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=60ab5d2bdd82f00b10205f816a545337c9363134;style=gitweb

32. By Jamie Strandboge

* SECURITY UPDATE: array index vulnerability
* fix for src/libxineadec/xine_speex_decoder.c to properly validate its
  input
* SECURITY UPDATE: buffer overflow in the NSF demuxer
* fix for src/demuxers/demux_nsf.c to use strndup() instead of strdup()
* SECURITY UPDATE: integer overflows in FLV, Qt, Real, WC3Movie, Matroska
  and FILM demuxers
* fix demux_film.c, demux_flv.c, demux_qt.c, demux_real.c, demux_wc3movie.c
  and ebml.c to check for failure of various memory allocations
* SECURITY UPDATE: array index vulnerability
* fix src/input/libreal/sdpplin.c and src/input/libreal/sdpplin.h to verify
  size of stream_id and stream_count
* SECURITY UPDATE: buffer overflow in the RTSP header-handling code
* fix src/input/libreal/rmff.c and src/input/libreal/rmff.h to check buffer
  sizes in rmff_dump_*() functions (CVE-2008-0225 and CVE-2008-0238)
* SECURITY UPDATE: buffer overflow in FLAC processing
* fix for src/demuxers/demux_flac.c to check buffer lengths and leave room
  for NUL termination
* SECURITY UPDATE: fix buffer overflow in ASF demuxer as demonstrated by
  exploit code for CVE-2006-1664
* fix src/demuxers/demux_asf.c to check the size of asf_header_len
* SECURITY UPDATE: buffer over in Matroska demuxer
* fix src/demuxers/demux_matroska.c to use unsigned ints and check size of
  first_frame_size and frame_size, and return value of parse_ebml_sint() and
  parse_ebml_uint()
* References
  CVE-2008-1686
  CVE-2008-1878
  CVE-2008-1482
  CVE-2008-0073
  CVE-2008-0225
  CVE-2008-0238
  CVE-2008-0486
  CVE-2008-1110
  CVE-2008-1161

31. By Reinhard Tartler

* merge debian changes. Remaining change:
  - remove the jack plugin, not in main

30. By Reinhard Tartler

removing build dependency on jack, since jack is not in ubuntu main

29. By Kees Cook

* SECURITY UPDATE: DS decoder heap overflow.
* src/libw32dll/DirectShow/DS_VideoDecoder.c: ported mplayer fix.
* References
  http://svn.mplayerhq.hu/mplayer?view=rev&revision=22205

28. By Kees Cook

* SECURITY UPDATE: DMO decoder heap overflow.
* src/libw32dll/dmo/DMO_VideoDecoder.c: ported mplayer fix.
* References
  http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c?r1=22019&r2=22204
  CVE-2007-1246

27. By Reinhard Tartler

Don't compile xine with -mpreferred-stack-boundary=2, because ffmpeg
expects the stack to be aligned. Patch already aplied Upstream.
(LP: #89537)

26. By Reinhard Tartler

fix FTBFS on sparc: add missing -I$(top_srcdir)/src/libffmpeg
directive to CPPFLAGS so that ffmpeg_config.h is in the include dir

25. By Reinhard Tartler

* install shlibs.local file to tighten dependency on libxine1
* add build dependency on libmagick9-dev to build to
  dmx_image and decoder_image plugin. Also add them to libxine1.install
* install the xine(5) manpage to package libxine1
* Bumb shlibs file (forgotten in 1.1.4-1)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/xine-lib
This branch contains Public information 
Everyone can see this information.

Subscribers