diff -u vlc-0.8.6-svn20061012.debian/debian/changelog vlc-0.8.6-svn20061012.debian/debian/changelog --- vlc-0.8.6-svn20061012.debian/debian/changelog +++ vlc-0.8.6-svn20061012.debian/debian/changelog @@ -1,3 +1,17 @@ +vlc (0.8.6-svn20061012.debian-1ubuntu1.2) edgy-security; urgency=low + + * SECURITY UPDATE: + - debian/patches/031_CVE-2008-0984.diff (LP: #195949) + + VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer) suffers + from an arbitrary memory overwrite vulnerability when using crash the player + instance. + + * References + - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0984 + - http://www.videolan.org/security/sa0802.html + + -- Emanuele Gentili Tue, 11 Mar 2008 20:25:38 +0100 + vlc (0.8.6-svn20061012.debian-1ubuntu1.1) edgy-security; urgency=low * SECURITY UPDATE: arbitrary code execution via format strings. diff -u vlc-0.8.6-svn20061012.debian/debian/patches/series vlc-0.8.6-svn20061012.debian/debian/patches/series --- vlc-0.8.6-svn20061012.debian/debian/patches/series +++ vlc-0.8.6-svn20061012.debian/debian/patches/series @@ -8,0 +9 @@ +CVE-2008-0984.patch only in patch2: unchanged: --- vlc-0.8.6-svn20061012.debian.orig/debian/patches/CVE-2008-0984.patch +++ vlc-0.8.6-svn20061012.debian/debian/patches/CVE-2008-0984.patch @@ -0,0 +1,17 @@ +Index: vlc-0.8.6/modules/demux/mp4/mp4.c +=================================================================== +--- vlc-0.8.6.orig/modules/demux/mp4/mp4.c 2008-03-11 20:23:58.000000000 +0100 ++++ vlc-0.8.6/modules/demux/mp4/mp4.c 2008-03-11 20:24:43.000000000 +0100 +@@ -971,6 +971,12 @@ + for( i_chunk = p_stsc->data.p_stsc->i_first_chunk[i_index] - 1; + i_chunk < i_last; i_chunk++ ) + { ++ if( i_chunk >= p_demux_track->i_chunk_count ) ++ { ++ msg_Warn( p_demux, "corrupted chunk table" ); ++ return VLC_EGENERIC; ++ } ++ + p_demux_track->chunk[i_chunk].i_sample_description_index = + p_stsc->data.p_stsc->i_sample_description_index[i_index]; + p_demux_track->chunk[i_chunk].i_sample_count =