projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6b49a7) | patch
vlc: add upstream security patches fixing CVE-2017-10699
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 3 Jul 2017 15:01:40 +0000 (17:01 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 3 Jul 2017 19:59:41 +0000 (21:59 +0200)
commitb9153ed9546ab00eb78c30899a62d3e868a7a778
treeed828e4b68233fc929b276479acfbb7f8ddf206dtree
parenta6b49a7e8cf09e2f01790d39f216d43fa3f3ea4ccommit | diff
vlc: add upstream security patches fixing CVE-2017-10699

avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before
2017-06-29, allows out-of-bounds heap memory write due to calling memcpy()
with a wrong size, leading to a denial of service (application crash) or
possibly code execution.

https://trac.videolan.org/vlc/ticket/18467

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/vlc/0013-codec-avcodec-check-avcodec-visible-sizes.patch [new file with mode: 0644] blob
package/vlc/0014-decoder-check-visible-size-when-creating-buffer.patch [new file with mode: 0644] blob