]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 70bf8c8) | patch
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
authorYue Tao <Yue.Tao@windriver.com>
Mon, 14 Apr 2014 10:58:29 +0000 (18:58 +0800)
committerSaul Wold <sgw@linux.intel.com>
Wed, 21 May 2014 15:23:10 +0000 (08:23 -0700)
commit4a93fc0a63cedbebfdc9577e2f1deb3598fb5851
tree3cfd9760cc6304ee0f86270e6d65d560a945c0batree | snapshot
parent70bf8c8dea82e914a6dcf67aefb6386dbc7706cdcommit | diff
gst-ffmpeg: fix for Security Advisory CVE-2013-0865

The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vqavideo-check-chunk-sizes-before-reading-chunks.patch [new file with mode: 0644] blob
meta/recipes-multimedia/gstreamer/gst-ffmpeg_0.10.13.bb diff | blob | history
Mirror of the official openembedded-core repository