lp:ubuntu/hardy-updates/ffmpeg
- Get this branch:
- bzr branch lp:ubuntu/hardy-updates/ffmpeg
Branch merges
Branch information
Recent revisions
- 23. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via crafted flic file
- debian/patches/ CVE-2010- 3429.patch: add checks to
libavcodec/flicvideo. c.
- CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
(LP: #690169)
- debian/patches/ CVE-2010- 3908.patch: properly calculate size in
libavcodec/utils.c.
- CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
- debian/patches/ CVE-2010- 4704.patch: validate codebook in
libavcodec/vorbis. c.
- CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
crafted WebM file
- debian/patches/ CVE-2011- 0480.patch: check rangebits in
libavcodec/vorbis. c.
- CVE-2011-0480
* SECURITY UPDATE: denial of service and possible code execution via
crafted VC1 file (LP: #690169)
- debian/patches/ CVE-2011- 0723.patch: fix invalid reads in
libavcodec/vc1dec. c.
- CVE-2011-0723 - 22. By Marc Deslauriers
-
debian/
patches/ CVE-2009- 46XX/security- issue22. patch: removed this
patch as it was causing a regression. (LP: #567913) - 21. By Marc Deslauriers
-
* SECURITY UPDATE: Fix a multitude of security issues
- debian/patches/ CVE-2009- 46XX/security- issue03. patch: check stream
existence before assignment
- debian/patches/ CVE-2009- 46XX/security- issue04. patch: check submap
indexes
- debian/patches/ CVE-2009- 46XX/security- issue05. patch: check classbook
value
- debian/patches/ CVE-2009- 46XX/security- issue06. patch: add checks for
per-packet mode indexes and per-header mode mapping indexes
- debian/patches/ CVE-2009- 46XX/security- issue07. patch: check masterbook
index and subclass book index.
- debian/patches/ CVE-2009- 46XX/security- issue08. patch: check
res_setup-> books
- debian/patches/ CVE-2009- 46XX/security- issue09. patch: check
begin/end/partition_ size
- debian/patches/ CVE-2009- 46XX/security- issue10. patch: check validity
of channels & samplerate
- debian/patches/ CVE-2009- 46XX/security- issue11. patch: fix book_idx
check
- debian/patches/ CVE-2009- 46XX/security- issue12. patch: sanity checks
for magnitude and angle
- debian/patches/ CVE-2009- 46XX/security- issue13. patch: fix = -> == typo
- debian/patches/ CVE-2009- 46XX/security- issue14. patch: check dimensions
against 0 too
- debian/patches/ CVE-2009- 46XX/security- issue17. patch: make sure that
all memory allocations succeed
- debian/patches/ CVE-2009- 46XX/security- issue19. patch: set data_size to
0 to avoid having it uninitialized
- debian/patches/ CVE-2009- 46XX/security- issue22. patch: check codec_id
and codec_type, make sure priv_data is freed and codec is set to NULL
- CVE-2009-4633
- CVE-2009-4634
- CVE-2009-4635
- CVE-2009-4637
- CVE-2009-4639
- CVE-2009-4640 - 20. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via a malformed Ogg Media (OGM) file
- debian/patches/ 100_security_ CVE-2008- 4610.diff: properly check return
codes in libavcodec/vp3.c.
- CVE-2008-4610
* SECURITY UPDATE: buffer overflow caused by an incorrect DCA_MAX_FRAME_SIZE
value
- debian/patches/ 101_security_ CVE-2008- 4867.diff: set DCA_MAX_FRAME_SIZE to
a correct value in libavcodec/dca.c.
- CVE-2008-4867
* SECURITY UPDATE: arbitrary code execution via a malformed 4X movie file
(LP: #323620)
- debian/patches/ 102_security_ CVE-2009- 0385.diff: validate current_track
value in libavformat/4xm.c.
- CVE-2009-0385 - 19. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via a malformed Ogg Media (OGM) file
- debian/patches/ 100_security_ CVE-2008- 4610.diff: properly check return
codes in libavcodec/vp3.c.
- CVE-2008-4610
* SECURITY UPDATE: buffer overflow caused by an incorrect DCA_MAX_FRAME_SIZE
value
- debian/patches/ 101_security_ CVE-2008- 4867.diff: set DCA_MAX_FRAME_SIZE to
a correct value in libavcodec/dca.c.
- CVE-2008-4867
* SECURITY UPDATE: arbitrary code execution via a malformed 4X movie file
(LP: #323620)
- debian/patches/ 102_security_ CVE-2009- 0385.diff: validate current_track
value in libavformat/4xm.c.
- CVE-2009-0385 - 18. By Kees Cook
-
* SECURITY UPDATE: crash from crafted STR file.
* Add debian/patches/ 400_str_ file_crash. diff: backported upstream fixes.
* References
CVE-2008-3162 - 17. By Stephan Rügamer
-
* added qt-faststart (LP: #200996)
reorders the components of an H.264 MPEG4 video file to enable progressive
download playback of certain H.264 videos in the Flash Player browser plugin.
* debian/rules:
- build: $(MAKE) qt-faststart
- install: cp this to debian/tmp/usr/bin/
* debian/ffmpeg. install:
- added usr/bin/qt-faststart - 16. By Mario Đanić
-
* Implemented 061_fix_
resample_ warnings. diff
Fixes LP: #122266
* debian/control:
- set MOTU as maintainer
- set XSBC-Original-Maintainer: Debian multimedia packages maintainers - 14. By Reinhard Tartler
-
make ffmpeg-config not add -ldts and -la52 to LDFLAGS. fixes FTBFS in
unrelated packages.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/ffmpeg