lp:ubuntu/intrepid-updates/xine-lib
- Get this branch:
- bzr branch lp:ubuntu/intrepid-updates/xine-lib
Branch merges
Branch information
Recent revisions
- 57. By Marc Deslauriers
-
* SECURITY UPDATE: Integer overflow in the 4xm demuxer
- debian/patches/ 14_SECURITY_ CVE-2009- 0698-2. dpatch: Previous fix was
incomplete. Fix additional integer overflow in src/demuxers/demux_4xm. c.
- CVE-2009-0698
* SECURITY UPDATE: Integer overflow in the QT demuxer via large count
value in an STTS atom
- debian/patches/ 15_SECURITY_ CVE-2009- 1274.dpatch: validate atom size
in src/demuxers/demux_qt. c.
- CVE-2009-1274 - 56. By Marc Deslauriers
-
* REGRESSION: Broken size checks in CVE-2008-5239 input plugins patch
(LP: #322834)
- debian/patches/ 12_SECURITY_ CVE-2008- 5239-fix. dpatch: fix the size
checks in src/input/input_*.c broken by the
08_SECURITY_ CVE-2008- 5239.dpatch security patch.
- CVE-2008-5239
* SECURITY UPDATE: Integer overflow in the 4xm demuxer
- debian/patches/ 13_SECURITY_ CVE-2009- 0698.dpatch: Make sure we don't
overflow fourxm->track_count in src/demuxers/demux_4xm. c.
- CVE-2009-0698 - 55. By Marc Deslauriers
-
* SECURITY UPDATE: backported security fixes from upstream xine-lib hg repo:
- debian/patches/ 01_SECURITY_ invalid_ track_type. dpatch: Avoid segfault on
invalid track type in Matroska files.
- debian/patches/ 02_SECURITY_ ffmpeg_ video_overflow. dpatch: Heap buffer
overflow in the ffmpeg video decoder.
- debian/patches/ 03_SECURITY_ ffmpeg_ audio_overflow. dpatch: Integer overflow
in the ffmpeg audio decoder
- debian/patches/ 04_SECURITY_ cdda_server_ overflow. dpatch: Integer overflow
in the the CDDA server.
- debian/patches/ 05_SECURITY_ CVE-2008- 5234.dpatch: Heap overflow and
unchecked malloc in Quicktime atom parsing. (CVE-2008-5234, CVE-2008-5242)
- debian/patches/ 06_SECURITY_ CVE-2008- 5236.dpatch: Buffer overflows in
Matroska, Real and RealAudio demuxers. (CVE-2008-5236)
- debian/patches/ 07_SECURITY_ CVE-2008- 5237.dpatch: Integer overflows in
MNG and QT demuxers. (CVE-2008-5237)
- debian/patches/ 08_SECURITY_ CVE-2008- 5239.dpatch: Out-of-bounds reads and
heap-based buffer overflows from unchecked or incompletely-checked read
function results. (CVE-2008-5239)
- debian/patches/ 09_SECURITY_ CVE-2008- 5240.dpatch: Unchecked malloc using
untrusted values. (CVE-2008-5240)
- debian/patches/ 10_SECURITY_ CVE-2008- 5241.dpatch: Integer underflow in qt
compressed atom handling. (CVE-2008-5241)
- debian/patches/ 11_SECURITY_ CVE-2008- 5243.dpatch: Buffer indexing using
untrusted or unchecked values. (CVE-2008-5243) - 54. By Michael Casadevall
-
Changed xine-engine/
buffer. h to use __inline__
vs inline in patch 00_fix_inline.diff to correct
applications from FTBFS when using c90 mode of GCC (LP: #274194) - 52. By Reinhard Tartler
-
* New upstream release (LP: #261135)
- introduces updated faad plugin (LP: #76566, #123456)
- Fixes CVE-2008-3231 - 51. By Reinhard Tartler
-
* merge from debian unstable. Remaining changes:
- disable the jack plugin
- Modify Maintainer value to match the DebianMaintainerField
specification.
* update XS-Vcs-Url to public branch location. - 50. By Kees Cook
-
* Merge from debian unstable, remaining changes:
- disable the jack plugin to make dapper->hardy upgrades work (LP #203605)
- adjust deps to make sure Kubuntu CDs are installable. - 49. By Martin Pitt
-
Drop libxine-ffmpeg recommends from libxine1, since otherwise Kubuntu CDs
are still uninstallable. (LP: #257611) - 48. By Martin Pitt
-
libxine1 dependencies: Prefer libxine1-
misc-plugins over libxine1-plugins,
since the latter pulls in -ffmpeg, whic pulls in libavcodec51, which is
banned from CDs. This unbreaks Kubuntu CDs for Alpha 4, although is not
the final solution we might want.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/xine-lib