© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
(In reply to Chris Pearce (:cpearce) from comment #27)
> We apply several patches on top of our libvpx, and a couple on top of the
> Xiph Ogg libraries. I don't know if these have been fixed upstream yet.
> Possibly some or all of these patches have been upstreamed and our libraries
> are behind current-stable versions.
For libvpx, I believe the only patch that isn't upstream or a backport of a commit that is upstream is the one dealing with the stdint.h types.
For libogg, we have one Solaris-specific patch for inttypes.h that is not upstream, and that's it.
For libvorbis, we have a Solaris-specific patch for alloca, a fix for bug 719612 (CVE-2012-0444), which is upstream as r18151, and a fix for bug 722924 (no CVE), which is upstream as r18166. Both of these were released in libvorbis-1.3.3.
For Tremor, we have a similar fix for bug 719612, which is upstream in r18152. Tremor was not affected by bug 722924. Xiph.Org does not publish releases for Tremor.
For libtheora, we currently carry four patches (bug 468275, bug 625773, bug 752139, and bug 752668), all of which are upstream (in r18219, r17780, r18031, and r18268, respectively). None of these bugs affect the most recent stable release (libtheora-1.1.1). We are actually using a more recent (unreleased) snapshot.