Package: gpac / 0.7.1+dfsg1-3

Metadata

Package Version Patches format
gpac 0.7.1+dfsg1-3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
gcc optflags.patch | (download)

configure | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 add -o2 to cflags by default, -o0 if noopt is set.
dont err build on uknown system.patch | (download)

include/gpac/configuration.h | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 don't fail build intentionally on unknown systems
ffmpeg_4.patch | (download)

applications/dashcast/video_encoder.c | 2 1 + 1 - 0 !
modules/ffmpeg_in/ffmpeg_decode.c | 6 3 + 3 - 0 !
modules/redirect_av/ffmpeg_ts_muxer.c | 4 2 + 2 - 0 !
modules/redirect_av/redirect_av.c | 2 1 + 1 - 0 !
4 files changed, 7 insertions(+), 7 deletions(-)

 fix ftbfs with ffmpeg 4.0
fix_makefile_install.patch | (download)

Makefile | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

---
CVE 2018 7752.patch | (download)

include/gpac/tools.h | 1 1 + 0 - 0 !
src/isomedia/avc_ext.c | 2 2 + 0 - 0 !
src/media_tools/av_parsers.c | 4 4 + 0 - 0 !
3 files changed, 7 insertions(+)

 cve-2018-7752
Upstream: commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4

fix some exploitable overflows (#994, #997)


CVE 2018 20762.patch | (download)

applications/mp4box/fileimport.c | 20 20 + 0 - 0 !
applications/mp4client/main.c | 33 29 + 4 - 0 !
modules/ffmpeg_in/ffmpeg_demux.c | 7 5 + 2 - 0 !
src/scene_manager/scene_manager.c | 4 4 + 0 - 0 !
4 files changed, 58 insertions(+), 6 deletions(-)

 cve-2018-20762

    fix some overflows due to strcpy
    
    fixes #1184, #1186, #1187 among other things


CVE 2018 20763.patch | (download)

src/media_tools/text_import.c | 77 52 + 25 - 0 !
1 file changed, 52 insertions(+), 25 deletions(-)

 cve-2018-20763

    add some boundary checks on gf_text_get_utf8_line (#1188)


CVE 2018 20760.patch | (download)

src/media_tools/text_import.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 cve-2018-20760

    check error code on call to gf_utf8_wcstombs (#1177)


CVE 2018 13005.patch | (download)

include/gpac/internal/isomedia_dev.h | 2 1 + 1 - 0 !
src/isomedia/box_code_base.c | 2 1 + 1 - 0 !
src/isomedia/box_dump.c | 14 7 + 7 - 0 !
3 files changed, 9 insertions(+), 9 deletions(-)

 cve-2018-13005, cve-2018-13006

    fixed 2 possible heap overflows (inc. #1088)


CVE 2019 11221.patch | (download)

applications/mp4client/main.c | 2 1 + 1 - 0 !
src/media_tools/media_export.c | 2 1 + 1 - 0 !
src/media_tools/media_import.c | 2 1 + 1 - 0 !
src/scene_manager/loader_bt.c | 2 1 + 1 - 0 !
src/scene_manager/loader_isom.c | 2 1 + 1 - 0 !
src/scene_manager/loader_qt.c | 2 1 + 1 - 0 !
src/scene_manager/loader_svg.c | 2 1 + 1 - 0 !
src/scene_manager/loader_xmt.c | 2 1 + 1 - 0 !
src/scene_manager/swf_parse.c | 2 1 + 1 - 0 !
src/scene_manager/swf_svg.c | 2 1 + 1 - 0 !
src/scenegraph/xbl_process.c | 2 1 + 1 - 0 !
src/utils/alloc.c | 2 1 + 1 - 0 !
src/utils/xml_parser.c | 14 8 + 6 - 0 !
13 files changed, 20 insertions(+), 18 deletions(-)

 [patch] fix a bunch of vsprintf -> vsnprintf

closes #1203

CVE 2019 11222.patch | (download)

src/utils/os_divers.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 [patch] fix buffer overrun in gf_bin128_parse

closes #1204
closes #1205