lp:ubuntu/hardy-security/mplayer
- Get this branch:
- bzr branch lp:ubuntu/hardy-security/mplayer
Branch merges
Branch information
Recent revisions
- 46. By Firas Kraïem
-
* SECURITY UPDATE: Integer signedness error in the fourxm_read_header
function in libavformat/4xm.c in FFmpeg before revision 16846 allows
remote attackers to execute arbitrary code via a malformed 4X movie
file with a large current_track value, which triggers a NULL pointer
dereference. (LP: #731625)
- libavformat/4xm.c - patch from ffmpeg package in hardy-security
- References:
+ CVE-2009-0385 - 45. By Stefan Lesicnik
-
* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
earlier allow remote attackers to cause a denial of service
(process termination) and possibly execute arbitrary code via a
crafted video file that causes the stream_read function to read or
write arbitrary memory. (LP: #279030)
- libmpdemux/demux_real. c - patch from oCert.
- References:
+ CVE-2008-3827
+ http://www.ocert. org/advisories/ ocert-2008- 013.html - 44. By William Grant
-
* SECURITY UPDATE: arbitrary code execution via crafted RTSP stream.
(LP: #212601)
- stream/realrtsp/ sdpplin. c: Properly check the stream ID. Patch from
upstream.
- References:
+ CVE-2008-1558 - 43. By Matti Lindell <email address hidden>
-
Modify mplayer.desktop to support opening URIs with spaces (LP: #164709).
- 42. By William Grant
-
Actually drop the runtime CPU detection configure flag from the
arch-global variable, which I apparently missed in bzr last time. - 41. By William Grant
-
* Only build-depend on libsvga1-dev on i386 and amd64; it doesn't exist
anywhere else.
* Only enable runtime CPU detection on i386, amd64 and powerpc. Fixes FTBFS
on [!i386 amd64 powerpc]. - 40. By William Grant
-
[ Luke Yelavich ]
* etc/example.conf: Use pulseaudio by default, and fallback to alsa.[ William Grant ]
* SECURITY UPDATE: buffer overruns in CDDB, MOV demuxer, FLAC header parser,
and URL parser. (LP: #191488)
* libmpdemux/demux_audio. c, libmpdemux/ demux_mov. c, stream/ stream_ cddb.c,
stream/url.c: Patches from upstream.
* References:
- CVE-2008-0485
- CVE-2008-0486
- CVE-2008-0629
- CVE-2008-0630
* debian/rules: Unset CFLAGS, to make it build again. - 39. By Jani Monoses
-
Use DejaVu instead of Bitstream Vera for subtitles so they show
correct characters for many non-English languages (LP: #48497) - 38. By Mario Limonciello
-
* Add debian/mime to install mime types in (g)mplayer.
* Rebuild against newer x264 (LP: 177082, 172683, 181389) - 37. By Mario Limonciello
-
* debian/rules:
- Drop old get-orig-source to avoid confusion.
* debian/control:
- Build depend on newer faac for libmp4v2 transition. (LP: 181389)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/mplayer