lp:ubuntu/hardy-security/xine-lib

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/xine-lib

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

48. By Marc Deslauriers

* SECURITY UPDATE: Integer overflow in the 4xm demuxer
  - src/demuxers/demux_4xm.c: Fix additional integer overflow, as
    previous fix was incomplete.
  - http://hg.debian.org/hg/xine-lib/xine-lib/rev/7799748cc0f2
  - CVE-2009-0698
* SECURITY UPDATE: Integer overflow in the QT demuxer via large count
  value in an STTS atom
  - src/demuxers/demux_qt.c: validate atom size
  - http://hg.debian.org/hg/xine-lib/xine-lib/rev/d21a4564db03
  - CVE-2009-1274
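
The two demuxer fixes above (a count field that overflows in the 4xm demuxer, and an STTS atom whose declared entry count is validated against the atom size in the QT demuxer) are instances of one bug class: a 32-bit count read from the file is multiplied by an entry size to pick an allocation, the multiply wraps, the allocation is tiny, and the parse loop then writes past it. The following is an added example illustrating that class and one overflow-safe way to validate such a count. It is not xine-lib's code: the atom layout is a simplified model of a QuickTime time-to-sample (stts) atom, the function names (`stts_parse`, `stts_count`, `stts_alloc_bytes_unchecked`) are hypothetical, and the two sample atoms are hand-assembled for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical STTS-style atom layout (simplified model, not xine's parser):
 * 4-byte big-endian atom size, 4-byte type, 4-byte version/flags,
 * 4-byte entry count, then `count` entries of (sample_count, sample_delta). */
#define STTS_HEADER_BYTES 16u
#define STTS_ENTRY_BYTES   8u

typedef struct {
    uint32_t sample_count;
    uint32_t sample_delta;
} stts_entry_t;

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* The bug class: size the table from the untrusted count with a 32-bit
 * multiply.  count = 0x20000001 gives 0x100000008, which wraps to 8, so a
 * parser doing this allocates 8 bytes and then writes 0x20000001 entries. */
size_t stts_alloc_bytes_unchecked(uint32_t count)
{
    return (size_t)(count * STTS_ENTRY_BYTES);   /* uint32_t multiply wraps */
}

/* Hardened version: the declared atom size must fit the buffer we actually
 * hold, and the count is bounded by the payload that remains, using a
 * division (which cannot overflow) instead of computing count * 8.
 * Returns 0 on success (caller frees *entries_out; it is NULL when
 * *count_out is 0) or -1 for a malformed atom. */
int stts_parse(const uint8_t *atom, size_t atom_len,
               stts_entry_t **entries_out, uint32_t *count_out)
{
    if (atom_len < STTS_HEADER_BYTES)
        return -1;
    uint32_t size = be32(atom);
    if (size < STTS_HEADER_BYTES || size > atom_len)
        return -1;                              /* atom claims more than we hold */
    if (memcmp(atom + 4, "stts", 4) != 0)
        return -1;
    uint32_t count = be32(atom + 12);
    if (count > (size - STTS_HEADER_BYTES) / STTS_ENTRY_BYTES)
        return -1;                              /* count exceeds the payload */

    stts_entry_t *e = NULL;
    if (count > 0) {
        e = calloc(count, sizeof *e);           /* calloc checks n*size itself */
        if (!e)
            return -1;
    }
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *p = atom + STTS_HEADER_BYTES + (size_t)i * STTS_ENTRY_BYTES;
        e[i].sample_count = be32(p);
        e[i].sample_delta = be32(p + 4);
    }
    *entries_out = e;
    *count_out = count;
    return 0;
}

/* Wrapper: entry count on success, -1 when the atom is rejected. */
long stts_count(const uint8_t *atom, size_t atom_len)
{
    stts_entry_t *e = NULL;
    uint32_t n = 0;
    if (stts_parse(atom, atom_len, &e, &n) != 0)
        return -1;
    free(e);
    return (long)n;
}

/* Wrapper: sample_delta of entry idx, or 0 if rejected / out of range. */
uint32_t stts_delta_at(const uint8_t *atom, size_t atom_len, uint32_t idx)
{
    stts_entry_t *e = NULL;
    uint32_t n = 0, d = 0;
    if (stts_parse(atom, atom_len, &e, &n) == 0 && idx < n)
        d = e[idx].sample_delta;
    free(e);
    return d;
}

/* Constructed sample atoms (hand-assembled for this example, not from a real file). */
/* Well-formed: size 32, two entries (10 samples x 100 ticks, 1 sample x 200). */
const uint8_t GOOD_STTS[32] = {
    0x00,0x00,0x00,0x20, 's','t','t','s', 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x02,
    0x00,0x00,0x00,0x0A, 0x00,0x00,0x00,0x64, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0xC8,
};
/* Same 32 bytes but declaring 0x20000001 entries: the unchecked multiply
 * yields 8, the hardened check rejects the atom outright. */
const uint8_t EVIL_STTS[32] = {
    0x00,0x00,0x00,0x20, 's','t','t','s', 0x00,0x00,0x00,0x00, 0x20,0x00,0x00,0x01,
    0x00,0x00,0x00,0x0A, 0x00,0x00,0x00,0x64, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0xC8,
};

int main(void)
{
    printf("unchecked alloc for count 0x20000001: %zu bytes\n",
           stts_alloc_bytes_unchecked(0x20000001u));
    printf("good atom: %ld entries; evil atom: %ld; truncated: %ld\n",
           stts_count(GOOD_STTS, sizeof GOOD_STTS),
           stts_count(EVIL_STTS, sizeof EVIL_STTS),
           stts_count(GOOD_STTS, 20));
    return 0;
}
```

The two checks that matter are `size > atom_len` (the atom may not claim more bytes than were actually read, which is the same shape as the unchecked-read-result bugs in the CVE-2008-5239 entries below) and the division-based bound on `count`; together they make the later allocation and copy loop safe without ever forming the product that overflows.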

47. By Marc Deslauriers

* REGRESSION: Broken size checks in CVE-2008-5239 input plugins patch
  (LP: #322834)
  - src/input/input_*.c: fix the size checks broken by the previous
    security update.
  - http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=b11cc37934629a2965859163db6095fbbe2b44be;style=gitweb
  - CVE-2008-5239
* SECURITY UPDATE: Integer overflow in the 4xm demuxer
  - src/demuxers/demux_4xm.c: Make sure we don't overflow
    fourxm->track_count.
  - http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=ba872682eba8a10217c48b7fe21f0fa763ef4af3;style=gitweb
  - CVE-2009-0698

46. By Marc Deslauriers

* SECURITY UPDATE: backported security fixes from upstream xine-lib hg repo:
  - src/demuxers/demux_matroska.c: avoid segfault on invalid track type in
    Matroska files.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=7b472fa486db;style=gitweb
  - src/combined/ffmpeg/ff_video_decoder.c: fix heap buffer overflow in the
    ffmpeg video decoder.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=ffb2e82d7bb77e87492734f72c2e5d21fb9ad2c0;style=gitweb
  - misc/cdda_server.c: fix integer overflow in the CDDA server.
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=30eb014e9b320035de309ee442ebbff6d405987b;style=gitweb
  - src/demuxers/demux_{ogg,avi,asf}.c: fix crashes with fuzzed media files.
    (CVE-2008-3231)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=967a8e515380c0c9b9858125a054082145002d00;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=67bfec7af3472674ba7396bd468b7607339fe102;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=4519eeeda3b3a20489b3699693d801c3696221da;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=18059453374c49ebfc9660dcc34acc28afa57d17;style=gitweb
  - src/demuxers/demux_{mng,mod}.c: add some checks for memory allocation
    failures. (CVE-2008-5233)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=35f09930323e46c92e521846b9ccdfd5e277ad16;style=gitweb
  - src/demuxers/demux_qt.c: fix heap overflow in Quicktime atom parsing.
    (CVE-2008-5234, CVE-2008-5242)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=6e81eec36701;style=gitweb
  - src/demuxers/demux_matroska.c: fix buffer overflows in Matroska demuxer.
    (CVE-2008-5236)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=e38bb4b22431123997a16a186fe8beb4edcfef87;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=8e125da9ecbe;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=b01a02595343;style=gitweb
  - src/demuxers/demux_{mng,qt}.c: fix integer overflows in MNG and QT
    demuxers. (CVE-2008-5237)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=9c97a9a9ba17a487116a198d80a74ec7879aa801;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=65f524e14623;style=gitweb
  - src/demuxers/{demux_matroska.c,demux_mod.c,id3.h}: use size_t for data
    length variables where there may be int overflows. (CVE-2008-5238)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a0830dddbd35625069506a9c49321317cbab8a2d;style=gitweb
  - src/{input,demuxers}/*.c: fix out-of-bounds reads and heap-based buffer
    overflows from unchecked or incompletely-checked read function results.
    (CVE-2008-5239)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=7fb21abb15e5a7311a2c157721ddfab0a47090ab;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=5df277a7eec3;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=f775929597b1c10142e51674ee02e041b1b87df4;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=e6efc6d566961ab231686c1ee18044f2d45a2b4a;style=gitweb
  - src/demuxers/demux_real.c: fix unchecked malloc using untrusted values.
    (CVE-2008-5240)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=01753933e6647ed29226f18e4489ce034b569d65;style=gitweb
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=071dc93156e6940a7f1b8bb38762d521dd5731e8;style=gitweb
  - src/demuxers/demux_qt.c: fix integer underflow in qt compressed atom
    handling. (CVE-2008-5241)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a57d5ef86b65bcc195a5358125fdb34e10a37bb4;style=gitweb
  - src/demuxers/demux_real.c: fix buffer indexing using untrusted or
    unchecked values. (CVE-2008-5243)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=4982c9920f42657d0797145bf197127f18d8972c;style=gitweb
  - src/libfaad/*: updated to libfaad 2.6.1 to fix crashes with corrupted
    AAC files. (CVE-2008-5244)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=18c0264660b951b8e5672f1a66d1bcecdfeb6ea8;style=gitweb
  - src/demuxers/id3.c: fix an exploitable ID3 heap buffer overflow.
    (CVE-2008-5246)
    * http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=268c1c1639d766d92b7e7bb11de7b38482ebe8e9;style=gitweb
  - src/xine-engine/info_helper.c: fix crashes with MP3 files with metadata
    consisting only of separators. (CVE-2008-5248)
    * http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=60ab5d2bdd82f00b10205f816a545337c9363134;style=gitweb

45. By Jamie Strandboge

* SECURITY UPDATE: array index vulnerability
* fix for src/libxineadec/xine_speex_decoder.c to properly validate its
  input
* SECURITY UPDATE: buffer overflow in the NSF demuxer
* fix for src/demuxers/demux_nsf.c to use strndup() instead of strdup()
* References
  CVE-2008-1686
  CVE-2008-1878

44. By Reinhard Tartler

[ Darren Salt ]
* Fixes from upstream hg:
  - Matroska demuxer regression. (Closes: #474316)
  - PulseAudio plugin backported & re-enabled.
    This takes precedence over ALSA, but falls back cleanly.

[ Reinhard Tartler ]
* Cherry-pick the above changes to the ubuntu package (LP: #176332, #131914)

43. By Reinhard Tartler

[ Darren Salt ]
* Fixes from upstream hg:
  - Quicktime demuxer regression. (Closes: #473499, #473631)
  - Wavpack MIME type information.

[ Reinhard Tartler ]
  - merge changes from debian packaging hg to fetch fix for
    LP: #210510

42. By Reinhard Tartler

* New upstream Version, merge from debian/unstable.
  - Freeze exception Granted in LP: #204557
  - Includes security fixes: LP: #195700
* Remaining Changes:
   - add Replaces: libxine-main1 (<< 1.1.2+repacked1-0ubuntu1)
     in libxine1-bin to make dapper->hardy upgrades work (LP: #203605)
   - Modify Maintainer value to match the DebianMaintainerField
     specification.

41. By Michael Vogt

* debian/control:
  - add Replaces: libxine-main1 (<< 1.1.2+repacked1-0ubuntu1)
    in libxine1-bin to make dapper->hardy upgrades work (LP: #203605)
* Modify Maintainer value to match the DebianMaintainerField
  specification.

40. By Darren Salt

[Darren Salt]
* libxine-dev: backport an m4 version-parsing fix from hg.
* Fixed an off-by-one (introduced in the security fix) which breaks
  playback of some FLAC files. (Closes: #466746)
* Versioned build-dep on libmagick9-dev (for libmagick10). (Closes: #466681)
  Add libmagick-dev as an alternative, with the same version requirement.

39. By Steve Langasek

No-change rebuild against libmagick10.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/xine-lib