]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: bf7b08d) | patch
gst-ffmpeg: fix for Security Advisory CVE-2013-0849
authorYue Tao <Yue.Tao@windriver.com>
Mon, 28 Apr 2014 03:12:34 +0000 (11:12 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2014 12:42:13 +0000 (13:42 +0100)
commit2a6b495d9f6017874057942b1ba42ab220c7c517
treee52a8f73db4681e7aa9c23181ab5af68c50e6800tree | snapshot
parentbf7b08d94c1d8282ca7ea584254d5c0d1fd7e469commit | diff
gst-ffmpeg: fix for Security Advisory CVE-2013-0849

The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849

(From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-roqvideodec-check-dimensions-validity.patch [new file with mode: 0644] blob
meta/recipes-multimedia/gstreamer/gst-ffmpeg_0.10.13.bb diff | blob | history
Mirror of the official openembedded-core repository