Mailinglist Archive: opensuse-commit (1187 mails)

< Previous Next >
commit xine-lib
  • From: root@xxxxxxx (h_root)
  • Date: Thu, 13 Apr 2006 15:48:38 +0200 (CEST)
  • Message-id: <20060413134838.C1E578BE14@xxxxxxxxxxxxxxx>

Hello community,

here is the log from the commit of package xine-lib
checked in at Thu Apr 13 15:48:38 CEST 2006.

--------
--- xine-lib/xine-lib.changes 2006-03-30 13:14:19.000000000 +0200
+++ STABLE/xine-lib/xine-lib.changes 2006-04-11 11:32:23.000000000 +0200
@@ -1,0 +2,6 @@
+Tue Apr 11 11:30:58 CEST 2006 - mhopf@xxxxxxx
+
+- Security fix for http://www.xfocus.org/advisories/200603/11.html,
+ as far as xine is affected.
+
+-------------------------------------------------------------------

New:
----
xine-lib-demux_avi_indx_buffer.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xine-lib.spec ++++++
--- /var/tmp/diff_new_pack.tW6iOJ/_old 2006-04-13 15:48:04.000000000 +0200
+++ /var/tmp/diff_new_pack.tW6iOJ/_new 2006-04-13 15:48:04.000000000 +0200
@@ -15,7 +15,7 @@
%define DISTRIBUTABLE 1
Summary: Video Player with Plug-Ins
Version: 1.1.1
-Release: 14
+Release: 17
%define libversion 1.1.1
%define uiversion 0.99.4
Obsoletes: xine
@@ -43,6 +43,7 @@
Patch15: xine-lib-alsa-resume-fix.diff
Patch16: xine-lib-faad-x86_64.diff
Patch17: xine-lib-demuxcheckfor_mad_ffmpeg.diff
+Patch18: xine-lib-demux_avi_indx_buffer.diff
Patch100: xine-ui.diff
Patch102: vdr-xine-ui-0.7.6.diff
Patch103: xine-ui-fix-gcc-warnings.diff
@@ -110,7 +111,7 @@
Group: Productivity/Multimedia/Video/Players
Provides: xine:/usr/bin/xine
Version: 0.99.4
-Release: 22
+Release: 25
Autoreqprov: on

%description -n xine-ui
@@ -169,18 +170,17 @@
%prep
%setup -q -b 1
%patch
-#%patch2
%patch3
%patch4
%patch6
%patch7
%patch10
-#%patch12
%patch13
%patch14
%patch15
%patch16
%patch17
+%patch18
(cd ../xine-ui-%{uiversion}
%patch100
%patch102 -p1
@@ -521,6 +521,9 @@
/usr/include/xine.h

%changelog -n xine-lib
+* Tue Apr 11 2006 - mhopf@xxxxxxx
+- Security fix for http://www.xfocus.org/advisories/200603/11.html,
+ as far as xine is affected.
* Thu Mar 30 2006 - mhopf@xxxxxxx
- Fix for #157854: Check for mad and ffmpeg before advertizing mp3.
- Improved fix for shared images, but not shared pixmaps.


++++++ xine-lib-demux_avi_indx_buffer.diff ++++++
Index: src/demuxers/demux_avi.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/demuxers/demux_avi.c,v
retrieving revision 1.223
diff -u -r1.223 demux_avi.c
--- src/demuxers/demux_avi.c 4 Mar 2006 12:04:42 -0000 1.223
+++ src/demuxers/demux_avi.c 1 Apr 2006 23:51:12 -0000
@@ -1029,7 +1029,14 @@
lprintf("Invalid Header, bIndexSubType != 0\n");
}

- superindex->aIndex = malloc (superindex->wLongsPerEntry * superindex->nEntriesInUse * sizeof (uint32_t));
+ if (superindex->nEntriesInUse > n / sizeof (avisuperindex_entry))
+ {
+ lprintf("broken index !, dwSize=%d, entries=%d\n", n, superindex->nEntriesInUse);
+ i += 8 + n;
+ continue;
+ }
+
+ superindex->aIndex = malloc (superindex->nEntriesInUse * sizeof (avisuperindex_entry));
/* position of ix## chunks */
for (j = 0; j < superindex->nEntriesInUse; ++j) {
superindex->aIndex[j].qwOffset = LE_64 (a); a += 8;


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...


< Previous Next >
This Thread