lp:ubuntu/karmic-security/ffmpeg-extra

Created by James Westby on 2011-04-11 and last modified on 2011-04-11
Get this branch:
bzr branch lp:ubuntu/karmic-security/ffmpeg-extra
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

6. By Marc Deslauriers on 2011-04-05

* SECURITY UPDATE: arbitrary code execution via crafted flic file
  - debian/patches/CVE-2010-3429.patch: add checks to
    libavcodec/flicvideo.c.
  - CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
  (LP: #690169)
  - debian/patches/CVE-2010-3908.patch: properly calculate size in
    libavcodec/utils.c.
  - CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
  - debian/patches/CVE-2010-4704.patch: validate codebook in
    libavcodec/vorbis_dec.c.
  - CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
  crafted WebM file
  - debian/patches/CVE-2011-0480.patch: check rangebits in
    libavcodec/vorbis_dec.c.
  - CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
  (LP: #690169)
  - debian/patches/CVE-2011-0722.patch: set dimensions in
    libavcodec/rv34.c.
  - CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
  crafted VC1 file (LP: #690169)
  - debian/patches/CVE-2011-0723.patch: fix invalid reads in
    libavcodec/vc1dec.c.
  - CVE-2011-0723
* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640

5. By Reinhard Tartler on 2009-10-16

* make the conflicts/replaces on the former -unstripped- variants
  versioned so the -unstripped- and -extra- variants can actually be
  coinstalled.
* remove references to obsolete 'cvs' packages. these have never existed
  in ubuntu after all.

4. By Reinhard Tartler on 2009-10-14

[ Reinhard Tartler ]
* merge from the 'ffmpeg' package
* Make arguments of av_set_pts_info() unsigned.
* update debian/changelog
* use patch for issue1245 from git.ffmpeg.org
* Support constant-quant encoding for libtheora, LP: #356322
* increase swscale compile time width (VOF/VOFW), LP: #443264
* Add missing Conflicts/Replaces to ensure a working upgrade patch from
  intrepid/jaunty. LP: #418785

[ Loïc Minier ]
* Update config for karmic's armel toolchain.
* Enable neon flavour; LP: #383240.
* Update NEON confflags to assume v7 and VFP.
* Add backported NEON patches from ffmpeg trunk; see debian/patches/neon/.
* Pass proper --cpu and --extra-flags on armel.
* Pass -fPIC -DPIC to neon pass.

3. By Reinhard Tartler on 2009-08-26

* merge from the 'ffmpeg' package
* enable dirac, libopenjpeg
* reintroduce the formats.txt file
* reintroduce "missing" codecs: LP: #419103
* is co-installable with the -dev packages LP: #416436, #418168
* should now have the proper replaces lines: LP: #418789, #418799, #418807, #323789
* don't build doxygen documentation, it is not installed anyway

2. By Reinhard Tartler on 2009-08-15

* merge from debian. Remaining changes:
  - don't build-depend on libfaad-dev, disabling faad decoder.
  - build arm vfp variant
  - don't build libopenjpeg support (not in main)
* introduce the "-extra-" packages from debimedia

1. By Reinhard Tartler on 2009-08-15

Import upstream version 0.5+svn20090706

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/ffmpeg-extra
This branch contains Public information 
Everyone can see this information.

Subscribers