]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
projects / coffee / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0c7f53f) | patch
vlc: add upstream security patches fixing CVE-2017-10699
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 3 Jul 2017 15:01:40 +0000 (17:01 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 4 Jul 2017 15:39:37 +0000 (17:39 +0200)
commit2a670e41eb4c86456370148afaaa9b331e5f5f34
tree0ea48cc38bce926d6250546cf291fe54623b4e5btree | snapshot
parent0c7f53fbbf33a0e679d0cdc393206cb78d56994ccommit | diff
vlc: add upstream security patches fixing CVE-2017-10699

avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before
2017-06-29, allows out-of-bounds heap memory write due to calling memcpy()
with a wrong size, leading to a denial of service (application crash) or
possibly code execution.

https://trac.videolan.org/vlc/ticket/18467

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b9153ed9546ab00eb78c30899a62d3e868a7a778)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/vlc/0013-codec-avcodec-check-avcodec-visible-sizes.patch [new file with mode: 0644] blob
package/vlc/0014-decoder-check-visible-size-when-creating-buffer.patch [new file with mode: 0644] blob