← Back to branch summary

~ubuntu-branches/ubuntu/intrepid/xine-lib/intrepid-updates

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2009-01-21 08:32:25 UTC
  • Revision ID: james.westby@ubuntu.com-20090121083225-gca4jd9ig6r7qv2b
Tags: 1.1.15-0ubuntu3.1
* SECURITY UPDATE: backported security fixes from upstream xine-lib hg repo:
  - debian/patches/01_SECURITY_invalid_track_type.dpatch: Avoid segfault on
    invalid track type in Matroska files.
  - debian/patches/02_SECURITY_ffmpeg_video_overflow.dpatch: Heap buffer
    overflow in the ffmpeg video decoder.
  - debian/patches/03_SECURITY_ffmpeg_audio_overflow.dpatch: Integer overflow
    in the ffmpeg audio decoder
  - debian/patches/04_SECURITY_cdda_server_overflow.dpatch: Integer overflow
    in the the CDDA server.
  - debian/patches/05_SECURITY_CVE-2008-5234.dpatch: Heap overflow and
    unchecked malloc in Quicktime atom parsing. (CVE-2008-5234, CVE-2008-5242)
  - debian/patches/06_SECURITY_CVE-2008-5236.dpatch: Buffer overflows in
    Matroska, Real and RealAudio demuxers. (CVE-2008-5236)
  - debian/patches/07_SECURITY_CVE-2008-5237.dpatch: Integer overflows in
    MNG and QT demuxers. (CVE-2008-5237)
  - debian/patches/08_SECURITY_CVE-2008-5239.dpatch: Out-of-bounds reads and
    heap-based buffer overflows from unchecked or incompletely-checked read
    function results. (CVE-2008-5239)
  - debian/patches/09_SECURITY_CVE-2008-5240.dpatch: Unchecked malloc using
    untrusted values. (CVE-2008-5240)
  - debian/patches/10_SECURITY_CVE-2008-5241.dpatch: Integer underflow in qt
    compressed atom handling. (CVE-2008-5241)
  - debian/patches/11_SECURITY_CVE-2008-5243.dpatch: Buffer indexing using
    untrusted or unchecked values. (CVE-2008-5243)

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
xine-lib (1.1.15-0ubuntu3.1) intrepid-security; urgency=low
 
2
 
 
3
  * SECURITY UPDATE: backported security fixes from upstream xine-lib hg repo:
 
4
    - debian/patches/01_SECURITY_invalid_track_type.dpatch: Avoid segfault on
 
5
      invalid track type in Matroska files.
 
6
    - debian/patches/02_SECURITY_ffmpeg_video_overflow.dpatch: Heap buffer
 
7
      overflow in the ffmpeg video decoder.
 
8
    - debian/patches/03_SECURITY_ffmpeg_audio_overflow.dpatch: Integer overflow
 
9
      in the ffmpeg audio decoder
 
10
    - debian/patches/04_SECURITY_cdda_server_overflow.dpatch: Integer overflow
 
11
      in the the CDDA server.
 
12
    - debian/patches/05_SECURITY_CVE-2008-5234.dpatch: Heap overflow and
 
13
      unchecked malloc in Quicktime atom parsing. (CVE-2008-5234, CVE-2008-5242)
 
14
    - debian/patches/06_SECURITY_CVE-2008-5236.dpatch: Buffer overflows in
 
15
      Matroska, Real and RealAudio demuxers. (CVE-2008-5236)
 
16
    - debian/patches/07_SECURITY_CVE-2008-5237.dpatch: Integer overflows in
 
17
      MNG and QT demuxers. (CVE-2008-5237)
 
18
    - debian/patches/08_SECURITY_CVE-2008-5239.dpatch: Out-of-bounds reads and
 
19
      heap-based buffer overflows from unchecked or incompletely-checked read
 
20
      function results. (CVE-2008-5239)
 
21
    - debian/patches/09_SECURITY_CVE-2008-5240.dpatch: Unchecked malloc using
 
22
      untrusted values. (CVE-2008-5240)
 
23
    - debian/patches/10_SECURITY_CVE-2008-5241.dpatch: Integer underflow in qt
 
24
      compressed atom handling. (CVE-2008-5241)
 
25
    - debian/patches/11_SECURITY_CVE-2008-5243.dpatch: Buffer indexing using
 
26
      untrusted or unchecked values. (CVE-2008-5243)
 
27
 
 
28
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 21 Jan 2009 08:32:25 -0500 
 
29
 
1
30
xine-lib (1.1.15-0ubuntu3) intrepid; urgency=low
2
31
 
3
32
  * Changed xine-engine/buffer.h to use __inline__