Page MenuHomeSolus
Differential D1432

Update vlc to 2.2.8 to address CVE-2017-10699
ClosedPublic
Actions

Authored by kyrios123 on Nov 22 2017, 10:25 AM.

Details

Reviewers
Justin
Group Reviewers
Triage Team
Maniphest Tasks
T5099: Update VLC Media Player to v2.2.8
Commits
R3140:2f507da4639f: Update vlc to 2.2.8 to address CVE-2017-10699
Summary
  • Fix flac heap write overflow on format change
  • Fix crash in libavcodec module (heap write out-of band) (CVE-2017-10699)
  • Fix infinite loop in sami subtitle
  • Fix AAC 7.1 channels detection

Demuxers

  • Fix potential crash in ASX parser
  • Fix AVI read/write overflow

Video Output:

  • Fix Direct3D9 output with odd offsets

Misc

  • Fix crash in MTP
  • Support libupnp 1.8
  • Translations updates

Closes T5099

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan

Play a couple of .avi and .ogg files

Diff Detail

Repository
R3140 vlc
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kyrios123 created this revision.Nov 22 2017, 10:25 AM
Herald added a reviewer: Triage Team. · View Herald TranscriptNov 22 2017, 10:25 AM
kyrios123 added a project: Restricted Project.Nov 22 2017, 11:50 AM
Justin added a subscriber: Justin.Nov 23 2017, 12:09 AM

Again, please list why you removed builddeps. If you make a change in a package other than relno, version, please document why.

ikey added a subscriber: ikey.Nov 23 2017, 12:24 AM

Looks to me like the deps were duped and implicit before and/or lacking pkgconfig names. I see no issue with the patch

Justin accepted this revision.Nov 23 2017, 12:34 AM

If the boss man says it's good, it's gud!

This revision is now accepted and ready to land.Nov 23 2017, 12:34 AM
Closed by commit R3140:2f507da4639f: Update vlc to 2.2.8 to address CVE-2017-10699 (authored by kyrios123, committed by kyrios123). · Explain WhyNov 23 2017, 7:44 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Diff 3578

View Options

package.yml

Loading...
View Options

pspec_x86_64.xml

Loading...
View Options

test.patch

Loading...
Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.