rpms/xine-lib/devel xine-lib-1.1.4-CVE-2007-1246.patch, NONE, 1.1 xine-lib.spec, 1.10, 1.11

Ville Skytta (scop) fedora-extras-commits at redhat.com
Sat Mar 10 22:13:33 UTC 2007 

Author: scop

Update of /cvs/extras/rpms/xine-lib/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19552/devel

Modified Files:
	xine-lib.spec 
Added Files:
	xine-lib-1.1.4-CVE-2007-1246.patch 
Log Message:
* Sat Mar 10 2007 Ville Skyttä <ville.skytta at iki.fi> - 1.1.4-3
- Apply upstream fix for CVE-2007-1246.


xine-lib-1.1.4-CVE-2007-1246.patch:

--- NEW FILE xine-lib-1.1.4-CVE-2007-1246.patch ---
---------------------
PatchSet 8656 
Date: 2007/03/10 02:41:34
Author: dgp85
Branch: HEAD
Tag: (none) 
Log:
  * Security fixes:
    - Fix heap overflow in DMO loader. (CVE-2007-1246) [bug #1676925]
      Thanks to Kees Cook for reporting.

Members: 
	ChangeLog:1.724->1.725 
	src/libw32dll/DirectShow/DS_VideoDecoder.c:1.9->1.10 
	src/libw32dll/dmo/DMO_VideoDecoder.c:1.4->1.5 

Index: xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c
diff -u xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c:1.9 xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c:1.10
--- xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c:1.9	Wed Dec 24 16:55:36 2003
+++ xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c	Sat Mar 10 00:41:34 2007
@@ -110,6 +110,7 @@
      
         this->iv.m_bh = (BITMAPINFOHEADER*)malloc(bihs);
         memcpy(this->iv.m_bh, format, bihs);
+        this->iv.m_bh->biSize = bihs;
 
         this->iv.m_State = STOP;
         //this->iv.m_pFrame = 0;
Index: xine-lib/src/libw32dll/dmo/DMO_VideoDecoder.c
diff -u xine-lib/src/libw32dll/dmo/DMO_VideoDecoder.c:1.4 xine-lib/src/libw32dll/dmo/DMO_VideoDecoder.c:1.5
--- xine-lib/src/libw32dll/dmo/DMO_VideoDecoder.c:1.4	Wed Dec 24 16:55:36 2003
+++ xine-lib/src/libw32dll/dmo/DMO_VideoDecoder.c	Sat Mar 10 00:41:34 2007
@@ -118,6 +118,7 @@
      
         this->iv.m_bh = (BITMAPINFOHEADER*)malloc(bihs);
         memcpy(this->iv.m_bh, format, bihs);
+        this->iv.m_bh->biSize = bihs;
 
         this->iv.m_State = STOP;
         //this->iv.m_pFrame = 0;


Index: xine-lib.spec
===================================================================
RCS file: /cvs/extras/rpms/xine-lib/devel/xine-lib.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- xine-lib.spec	14 Feb 2007 18:44:03 -0000	1.10
+++ xine-lib.spec	10 Mar 2007 22:13:01 -0000	1.11
@@ -8,7 +8,7 @@
 Summary:        Xine library
 Name:           xine-lib
 Version:        1.1.4
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        GPL
 Group:          System Environment/Libraries
 URL:            http://xinehq.de/
@@ -21,6 +21,7 @@
 # autotools patch created with source2
 Patch0:         %{name}-1.1.4-autotools.patch.bz2
 Patch1:         %{name}-1.1.4-optflags.patch
+Patch2:         %{name}-1.1.4-CVE-2007-1246.patch
 Patch3:         %{name}-1.1.3-legacy-flac-init.patch
 Patch6:         %{name}-1.1.1-deepbind-939.patch
 Patch7:         %{name}-1.1.1-multilib-devel.patch
@@ -101,6 +102,7 @@
 touch -r configure.ac aclocal.m4
 touch -r m4/optimizations.m4 m4/optimizations.m4.stamp
 %patch1 -p1 -b .optflags
+%patch2 -p1 -b .CVE-2007-1246
 touch -r m4/optimizations.m4.stamp m4/optimizations.m4
 %patch3 -p0 -b .legacy-flac-init
 # Patch6 needed at least when compiling with external ffmpeg, #939.
@@ -284,6 +286,9 @@
 
 
 %changelog
+* Sat Mar 10 2007 Ville Skyttä <ville.skytta at iki.fi> - 1.1.4-3
+- Apply upstream fix for CVE-2007-1246.
+
 * Wed Feb 14 2007 Ville Skyttä <ville.skytta at iki.fi> - 1.1.4-2
 - Rebuild.

More information about the fedora-extras-commits mailing list