gst1-plugins-good: add upstream patches to fix security issue in flic decoder
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 27 Nov 2016 21:41:18 +0000 (22:41 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 28 Nov 2016 08:18:04 +0000 (09:18 +0100)
commit344566a778914d0161749619a3b1f00de0154e95
treed0f22b6841ecdea10b60cdd2fce5ae9a7285833d
parentcbe1f288d41e268c053d4355d65102eda721da2d
gst1-plugins-good: add upstream patches to fix security issue in flic decoder

As detailed by Chris Evans, the flic decoder contains a buffer overflow which
can be exploited to cause arbitrary code execution as the user running
gstreamer:

https://scarybeastsecurity.blogspot.be/2016/11/0day-exploit-advancing-exploitation.html

Fixes CVE-2016-9634, CVE-2016-9635 and CVE-2016-9636.

add the upstream patches to fix this issue.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/gstreamer1/gst1-plugins-good/0001-flxdec-add-some-write-bounds-checking.patch [new file with mode: 0644]
package/gstreamer1/gst1-plugins-good/0002-flxdec-fix-some-warnings-comparing-unsigned-0.patch [new file with mode: 0644]
package/gstreamer1/gst1-plugins-good/0003-flxdec-Don-t-unref-parent-in-the-chain-function.patch [new file with mode: 0644]
package/gstreamer1/gst1-plugins-good/0004-flxdec-rewrite-logic-based-on-GstByteReader-Writer.patch [new file with mode: 0644]