Patchwork [00/16,v2] merge 16 CVE patches

Submitter rongqing.li@windriver.com
Date July 22, 2014, 7:46 a.m.
Message ID <cover.1406015054.git.rongqing.li@windriver.com>
Permalink /patch/76305/
State New

Pull-request

git://git.pokylinux.org/poky-contrib roy/gst-ff

Comments

rongqing.li@windriver.com - July 22, 2014, 7:46 a.m.
From: Roy Li <rongqing.li@windriver.com>

The following changes since commit 6bc3696d8451a23d743daf03ee98c4ba54ce4551:

  wget: Remove unneeded DEPENDS line (2014-07-21 19:10:30 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib roy/gst-ff
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=roy/gst-ff

Yue Tao (16):
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0866
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
  gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617

 .../0001-aacdec-check-channel-count.patch          |   34 ++++
 ...util-fix-signedness-in-sizeof-comparissio.patch |   40 +++++
 ...c-parser-reset-indexes-on-realloc-failure.patch |   50 ++++++
 ...a-Perform-pointer-advance-and-checks-befo.patch |   81 +++++++++
 ...-error-concealment-initialize-block-index.patch |   29 ++++
 ...alment-Check-that-the-picture-is-not-in-a.patch |   37 ++++
 .../0001-ffserver-set-oformat.patch                |   36 ++++
 .../0001-h264_sei-Fix-infinite-loop.patch          |   39 +++++
 ...check-width-more-completely-avoid-out-of-.patch |   30 ++++
 ...f-compute-probe-buffer-size-more-reliably.patch |   45 +++++
 ...er-dont-access-out-of-array-elements-at-t.patch |   44 +++++
 ...array-index-before-use-fix-out-of-array-a.patch |   30 ++++
 .../0001-qdm2dec-fix-buffer-overflow.patch         |   58 +++++++
 ...Check-that-the-last-indexes-are-within-th.patch |   32 ++++
 ...-vp3-Copy-all-3-frames-for-thread-updates.patch |   32 ++++
 ...-read-for-negative-tokens-and-memleaks-on.patch |  183 ++++++++++++++++++++
 .../gst-ffmpeg-CVE-2013-0855.patch                 |  100 +++++++++++
 .../gstreamer/gst-ffmpeg_0.10.13.bb                |   17 ++
 18 files changed, 917 insertions(+)
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-aacdec-check-channel-count.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-dsputil-fix-signedness-in-sizeof-comparissio.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-parser-reset-indexes-on-realloc-failure.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-rpza-Perform-pointer-advance-and-checks-befo.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-error-concealment-initialize-block-index.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-error_concealment-Check-that-the-picture-is-not-in-a.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-ffserver-set-oformat.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-h264_sei-Fix-infinite-loop.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-lavf-compute-probe-buffer-size-more-reliably.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-pngdec-filter-dont-access-out-of-array-elements-at-t.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-qdm2-check-array-index-before-use-fix-out-of-array-a.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-qdm2dec-fix-buffer-overflow.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-smackerdec-Check-that-the-last-indexes-are-within-th.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vp3-Copy-all-3-frames-for-thread-updates.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vp3-fix-oob-read-for-negative-tokens-and-memleaks-on.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/gst-ffmpeg-CVE-2013-0855.patch

Ross Burton - July 22, 2014, 8:22 a.m.
On 22 July 2014 08:46,  <rongqing.li@windriver.com> wrote:
> Yue Tao (16):
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0866
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
>   gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617

As there's no benefit in being able to bisect this, I think it would
be neater if these were squashed into a single commit.

Ross

rongqing.li@windriver.com - July 23, 2014, 1:32 a.m.
On 07/22/2014 04:22 PM, Burton, Ross wrote:
> On 22 July 2014 08:46,  <rongqing.li@windriver.com> wrote:
>> Yue Tao (16):
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0866
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
>>    gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617
>
> As there's no benefit in being able to bisect this, I think it would
> be neater if these were squashed into a single commit.
>

I am fine; Saul can squash them when merging.

-Roy

> Ross
>
>