Hello community, here is the log from the commit of package gstreamer-0_10-plugins-good checked in at Sun Apr 20 21:36:31 CEST 2008. -------- --- GNOME/gstreamer-0_10-plugins-good/gstreamer-0_10-plugins-good.changes 2008-04-08 13:38:02.000000000 +0200 +++ gstreamer-0_10-plugins-good/gstreamer-0_10-plugins-good.changes 2008-04-15 00:53:53.455695000 +0200 @@ -1,0 +2,6 @@ +Tue Apr 15 00:56:51 CEST 2008 - maw@suse.de + +- Add gst-plugins-good-speex-header-boundscheck.patch (bnc#379099, + bnc#377602, and CVE-2008-1686). + +------------------------------------------------------------------- New: ---- gst-plugins-good-speex-header-boundscheck.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gstreamer-0_10-plugins-good.spec ++++++ --- /var/tmp/diff_new_pack.h16137/_old 2008-04-20 21:33:48.000000000 +0200 +++ /var/tmp/diff_new_pack.h16137/_new 2008-04-20 21:33:48.000000000 +0200 @@ -14,7 +14,7 @@ Name: gstreamer-0_10-plugins-good %define _name gst-plugins-good Version: 0.10.7 -Release: 14 +Release: 18 %define gst_branch 0.10 BuildRequires: aalib-devel cairo-devel check-devel esound-devel flac-devel gcc-c++ gconf2-devel gstreamer-0_10-plugins-base-devel gtk-doc gtk2-devel hal-devel ladspa-devel libcaca-devel libcdio-devel libdv-devel libjpeg-devel liboil-devel libshout-devel libtheora-devel libvorbis-devel pyxml sgml-skel speex-devel taglib-devel wavpack-devel %if %suse_version < 1020 @@ -29,6 +29,7 @@ License: LGPL v2.1 or later Group: Productivity/Multimedia/Other Source: %{_name}-%{version}.tar.bz2 +Patch0: gst-plugins-good-speex-header-boundscheck.patch Url: http://gstreamer.freedesktop.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: GStreamer Streaming-Media Framework Plug-Ins @@ -170,6 +171,7 @@ %lang_package %prep %setup -q -n %{_name}-%{version} +%patch0 -p0 # HACK: Required for gst-plugins-base-0.10.15 x gst-plugins-good-0.10.6 # gstid3v2mux.cc:547: error: 'GST_TAG_MUSICBRAINZ_SORTNAME' was not declared in this scope sed -i s/-DGST_DISABLE_DEPRECATED// configure.ac @@ -278,6 +280,9 @@ %{_libdir}/gstreamer-%{gst_branch}/libgstvideobox.so %changelog +* Tue Apr 15 2008 maw@suse.de +- Add gst-plugins-good-speex-header-boundscheck.patch (bnc#379099, + bnc#377602, and CVE-2008-1686). * Tue Apr 08 2008 sbrabec@suse.cz - Fixed Obsoletes (bnc#357153). * Mon Mar 10 2008 maw@suse.de ++++++ gst-plugins-good-speex-header-boundscheck.patch ++++++ === modified file 'ext/speex/gstspeexdec.c' --- ext/speex/gstspeexdec.c 2008-04-14 22:49:12 +0000 +++ ext/speex/gstspeexdec.c 2008-04-14 22:50:27 +0000 @@ -507,7 +507,7 @@ if (!dec->header) goto no_header; - if (dec->header->mode >= SPEEX_NB_MODES) + if (dec->header->mode >= SPEEX_NB_MODES || dec->header->mode < 0) goto mode_too_old; dec->mode = (SpeexMode *) speex_mode_list[dec->header->mode]; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org