~ubuntu-branches/ubuntu/karmic/ffmpeg/karmic-security

Viewing all changes in revision 38.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2010-04-08 09:34:05 UTC
  • Revision ID: james.westby@ubuntu.com-20100408093405-kiufy18m0a2536ax
Tags: 4:0.5+svn20090706-2ubuntu2.1
* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id
    and codec_type, make sure priv_data is freed and codec is set to NULL
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: