lp:ubuntu/karmic-security/ffmpeg
- Get this branch:
- bzr branch lp:ubuntu/karmic-security/ffmpeg
Branch merges
Branch information
Recent revisions
- 40. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via crafted flic file
- debian/patches/ CVE-2010- 3429.patch: add checks to
libavcodec/flicvideo. c.
- CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
(LP: #690169)
- debian/patches/ CVE-2010- 3908.patch: properly calculate size in
libavcodec/utils.c.
- CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
- debian/patches/ CVE-2010- 4704.patch: validate codebook in
libavcodec/vorbis_ dec.c.
- CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
crafted WebM file
- debian/patches/ CVE-2011- 0480.patch: check rangebits in
libavcodec/vorbis_ dec.c.
- CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
(LP: #690169)
- debian/patches/ CVE-2011- 0722.patch: set dimensions in
libavcodec/rv34.c.
- CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
crafted VC1 file (LP: #690169)
- debian/patches/ CVE-2011- 0723.patch: fix invalid reads in
libavcodec/vc1dec. c.
- CVE-2011-0723 - 39. By Marc Deslauriers
-
debian/
patches/ CVE-2009- 46XX/security- issue22. patch: removed this
patch as it was causing a regression. (LP: #567913) - 38. By Marc Deslauriers
-
* SECURITY UPDATE: Fix a multitude of security issues
- debian/patches/ CVE-2009- 46XX/security- issue03. patch: check stream
existence before assignment
- debian/patches/ CVE-2009- 46XX/security- issue04. patch: check submap
indexes
- debian/patches/ CVE-2009- 46XX/security- issue05. patch: check classbook
value
- debian/patches/ CVE-2009- 46XX/security- issue06. patch: add checks for
per-packet mode indexes and per-header mode mapping indexes
- debian/patches/ CVE-2009- 46XX/security- issue07. patch: check masterbook
index and subclass book index.
- debian/patches/ CVE-2009- 46XX/security- issue08. patch: check
res_setup-> books
- debian/patches/ CVE-2009- 46XX/security- issue09. patch: check
begin/end/partition_ size
- debian/patches/ CVE-2009- 46XX/security- issue10. patch: check validity
of channels & samplerate
- debian/patches/ CVE-2009- 46XX/security- issue11. patch: fix book_idx
check
- debian/patches/ CVE-2009- 46XX/security- issue12. patch: sanity checks
for magnitude and angle
- debian/patches/ CVE-2009- 46XX/security- issue13. patch: fix = -> == typo
- debian/patches/ CVE-2009- 46XX/security- issue14. patch: check dimensions
against 0 too
- debian/patches/ CVE-2009- 46XX/security- issue15. patch: fix
init_get_bits() buffer size
- debian/patches/ CVE-2009- 46XX/security- issue17. patch: make sure that
all memory allocations succeed
- debian/patches/ CVE-2009- 46XX/security- issue18. patch: fix possible
buffer over-read in vorbis_comment
- debian/patches/ CVE-2009- 46XX/security- issue19. patch: set data_size to
0 to avoid having it uninitialized
- debian/patches/ CVE-2009- 46XX/security- issue20. patch: disable parsing
for ogg streams where no ogg header was found
- debian/patches/ CVE-2009- 46XX/security- issue22. patch: check codec_id
and codec_type, make sure priv_data is freed and codec is set to NULL
- CVE-2009-4632
- CVE-2009-4633
- CVE-2009-4634
- CVE-2009-4635
- CVE-2009-4637
- CVE-2009-4639
- CVE-2009-4640 - 37. By Loïc Minier
-
[ Reinhard Tartler ]
* Make arguments of av_set_pts_info() unsigned.
* update debian/changelog
* use patch for issue1245 from git.ffmpeg.org
* Support constant-quant encoding for libtheora, LP: #356322
* increase swscale compile time width (VOF/VOFW), LP: #443264[ Loïc Minier ]
* Update config for karmic's armel toolchain.
* Enable neon flavour; LP: #383240.
* Update NEON confflags to assume v7 and VFP.
* Add backported NEON patches from ffmpeg trunk; see debian/patches/ neon/.
* Pass proper --cpu and --extra-flags on armel.
* Pass -fPIC -DPIC to neon pass. - 36. By Reinhard Tartler
-
* merge from debian. Remaining changes:
- disabled output decoders: faad, openjpeg, dirac (all not in main)
- build arm vfp variant
- don't build depend on yasm.
* fix dependencies on -extra packages: LP: #418705, #416348
* no need to remove mpeg encoders in the ubuntu package, unless we hear
otherwise from some patent owner. This brings back the mpeg2video
encoder is available. cf. formats.txt.gz LP: #416585 - 35. By Reinhard Tartler
-
update the dependencies of the -dev packages for the
unstripped -> extra renaming - 33. By Reinhard Tartler
-
* merge from debian. Remaining changes:
- don't build-depend on libfaad-dev, disabling faad decoder.
- build arm vfp variant
- don't build libopenjpeg support (not in main)
* change shlibs file to make applications depend on the -extra- packages.
* don't build depend on yasm. - 32. By Reinhard Tartler
-
* don't build against faac in any case, it is deemed non-free
* update debian/changelog
* enable libopenjpeg support for the multiverse package
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/ffmpeg