Bug#1025205: bullseye-pu: package mplayer/2:1.4+ds1-1+deb11u1

2022-12-09 Thread Moritz Mühlenhoff
On Wed, Dec 07, 2022 at 08:31:06PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Wed, 2022-11-30 at 22:42 +0100, Moritz Muehlenhoff wrote:
> > This update fixes various minor crashes in mplayer, which
> > don't warrant a DSA by themselves. I've run the PoCs against
> > the updated build where applicable and also tested various
> > random media files.
> > 
> > Note this isn't fixed in unstable, since mplayer FTBFSes
> > with ffmpeg 5.0 and won't be in bookworm (#1005899).
> > 
> 
> Please go ahead.

Thanks! Upload.

Cheers,
Moritz



Processed: Re: Bug#1025205: bullseye-pu: package mplayer/2:1.4+ds1-1+deb11u1

2022-12-07 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #1025205 [release.debian.org] bullseye-pu: package 
mplayer/2:1.4+ds1-1+deb11u1
Added tag(s) confirmed.

-- 
1025205: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025205
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1025205: bullseye-pu: package mplayer/2:1.4+ds1-1+deb11u1

2022-12-07 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Wed, 2022-11-30 at 22:42 +0100, Moritz Muehlenhoff wrote:
> This update fixes various minor crashes in mplayer, which
> don't warrant a DSA by themselves. I've run the PoCs against
> the updated build where applicable and also tested various
> random media files.
> 
> Note this isn't fixed in unstable, since mplayer FTBFSes
> with ffmpeg 5.0 and won't be in bookworm (#1005899).
> 

Please go ahead.

Regards,

Adam



Bug#1025205: bullseye-pu: package mplayer/2:1.4+ds1-1+deb11u1

2022-11-30 Thread Moritz Muehlenhoff
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

This update fixes various minor crashes in mplayer, which
don't warrant a DSA by themselves. I've run the PoCs against
the updated build where applicable and also tested various
random media files.

Note this isn't fixed in unstable, since mplayer FTBFSes
with ffmpeg 5.0 and won't be in bookworm (#1005899).

Cheers,
Moritz

diff -Nru mplayer-1.4+ds1/debian/changelog mplayer-1.4+ds1/debian/changelog
--- mplayer-1.4+ds1/debian/changelog2020-10-15 00:13:44.0 +0200
+++ mplayer-1.4+ds1/debian/changelog2022-11-28 21:31:43.0 +0100
@@ -1,3 +1,19 @@
+mplayer (2:1.4+ds1-1+deb11u1) bullseye; urgency=medium
+
+  * Backport the following commits:
+d19ea1ce173e95c31b0e8acbe471ea26c292be2b (CVE-2022-38850)
+58db9292a414ebf13a2cacdb3ffa967fb9036935 (CVE-2022-38851)
+2f6e69e59e2614acdde5505b049c48f80a3d0eb7 (CVE-2022-38855)
+92e0d0b1a04dfdd4ac741e0d07005e3ece2c92ca (CVE-2022-38858)
+62fe0c63cf4fba91efd29bbc85309280e1a99a47 (CVE-2022-38860)
+2622e7fbe3605a2f3b4f74900197fefeedc0d2e1 (CVE-2022-38861)
+b5e745b4bfab2835103a060094fae3c6cc1ba17d (CVE-2022-38863)
+36546389ef9fb6b0e0540c5c3f212534c34b0e94 (CVE-2022-38864)
+33d9295663c37a37216633d7e3f07e7155da6144 (CVE-2022-38865)
+373517da3bb5781726565eb3114a2697b13f00f2 (CVE-2022-38866)
+
+ -- Moritz Mühlenhoff   Mon, 28 Nov 2022 21:31:43 +0100
+
 mplayer (2:1.4+ds1-1) unstable; urgency=medium
 
   * Team upload
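Review bot: The new changelog entry identifies each fix only by commit hash and CVE number, so a reader of the changelog cannot tell which file or defect each line refers to. Consider putting the upstream subject next to each hash, as the patch header does (for example "vd.c: sanity-check aspect adjustment" for CVE-2022-38850).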
diff -Nru 
mplayer-1.4+ds1/debian/patches/CVE-2022-38850_CVE-2022-38851_CVE-2022-38855_CVE-2022-38858_CVE-2022-38860_CVE-2022-38861_CVE-2022-38863_CVE-2022-38864_CVE-2022-38865_CVE-2022-38866.patch
 
mplayer-1.4+ds1/debian/patches/CVE-2022-38850_CVE-2022-38851_CVE-2022-38855_CVE-2022-38858_CVE-2022-38860_CVE-2022-38861_CVE-2022-38863_CVE-2022-38864_CVE-2022-38865_CVE-2022-38866.patch
--- 
mplayer-1.4+ds1/debian/patches/CVE-2022-38850_CVE-2022-38851_CVE-2022-38855_CVE-2022-38858_CVE-2022-38860_CVE-2022-38861_CVE-2022-38863_CVE-2022-38864_CVE-2022-38865_CVE-2022-38866.patch
  1970-01-01 01:00:00.0 +0100
+++ 
mplayer-1.4+ds1/debian/patches/CVE-2022-38850_CVE-2022-38851_CVE-2022-38855_CVE-2022-38858_CVE-2022-38860_CVE-2022-38861_CVE-2022-38863_CVE-2022-38864_CVE-2022-38865_CVE-2022-38866.patch
  2022-11-28 21:31:07.0 +0100
@@ -0,0 +1,235 @@
+Backports of the following commits:
+
+d19ea1ce173e95c31b0e8acbe471ea26c292be2b (CVE-2022-38850)
+[PATCH] vd.c: sanity-check aspect adjustment
+
+58db9292a414ebf13a2cacdb3ffa967fb9036935 (CVE-2022-38851)
+PATCH] asfheader.c: Fix CHECKDEC macro.
+
+2f6e69e59e2614acdde5505b049c48f80a3d0eb7 (CVE-2022-38855)
+[PATCH] demux_mov.c: Add bounds checks to debug prints.
+
+92e0d0b1a04dfdd4ac741e0d07005e3ece2c92ca (CVE-2022-38858)
+[PATCH] demux_mov.c: robustness fixes.
+
+62fe0c63cf4fba91efd29bbc85309280e1a99a47 (CVE-2022-38860)
+[PATCH] demux_avi.c: check that sh->wf exists before using it.
+
+2622e7fbe3605a2f3b4f74900197fefeedc0d2e1 (CVE-2022-38861)
+[PATCH] mp_image.c: fix allocation size for formats with odd width.
+
+b5e745b4bfab2835103a060094fae3c6cc1ba17d (CVE-2022-38863)
+[PATCH] mpeg_hdr.c: Allocate 0xff initialized padding.
+
+36546389ef9fb6b0e0540c5c3f212534c34b0e94 (CVE-2022-38864)
+[PATCH] mpeg_hdr.c: Fix unescape code.
+
+33d9295663c37a37216633d7e3f07e7155da6144 (CVE-2022-38865)
+[PATCH] demux_avi.c: Fixup invalid audio block size.
+
+373517da3bb5781726565eb3114a2697b13f00f2 (CVE-2022-38866)
+[PATCH] aviheader.c: Fix allocation size for vprp
+
+
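Review bot: The header of the new patch file carries only the hash, CVE and subject list, with no DEP-3 style fields such as Origin: or Forwarded:, and all ten backports share one file, which makes it hard to drop or re-check a single fix later. Consider one patch per upstream commit, or at least an Origin: line per commit. The subject for CVE-2022-38851 also reads "PATCH]" without its opening bracket.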
+--- mplayer-1.4+ds1.orig/libmpcodecs/mp_image.c
 mplayer-1.4+ds1/libmpcodecs/mp_image.c
+@@ -51,8 +51,12 @@ void mp_image_alloc_planes(mp_image_t *m
+   }
+ mpi->planes[0]=av_malloc(mpi->bpp*mpi->width*(mpi->height+2)/8+
+ mpi->chroma_width*mpi->chroma_height);
+-  } else
+-mpi->planes[0]=av_malloc(mpi->bpp*mpi->width*(mpi->height+2)/8);
++  } else {
++// for odd width round up to be on the safe side,
++// required in particular for planar formats
++int alloc_w = mpi->width + (mpi->width & 1);
++mpi->planes[0]=av_malloc(mpi->bpp*alloc_w*(mpi->height+2)/8);
++  }
+   if (mpi->flags_IMGFLAG_PLANAR) {
+ int bpp = IMGFMT_IS_YUVP16(mpi->imgfmt)? 2 : 1;
+ // YV12/I420/YVU9/IF09. feel free to add other planar formats here...
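Review bot: In mp_image_alloc_planes the odd-width rounding is applied only in the else branch; the allocation just above it, which adds chroma_width*chroma_height, still uses mpi->width unrounded. If odd widths can reach that branch, use the same alloc_w there, or add a comment saying why it is not needed. The size expression mpi->bpp*alloc_w*(mpi->height+2)/8 is also still handed to av_malloc with no overflow check in the lines shown, so a range check on width and height before the multiplication would be worth adding.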
+--- mplayer-1.4+ds1.orig/libmpcodecs/vd.c
 mplayer-1.4+ds1/libmpcodecs/vd.c
+@@ -332,7 +332,7 @@ int mpcodecs_config_vo(sh_video_t *sh, i
+ screen_size_y = screen_size_xy * sh->disp_h / sh->disp_w;
+ }
+ }
+-if (sh->aspect >= 0.01) {
++if (sh->aspect >= 0.01 && sh->aspect <= 100) {
+ int w;
+ mp_msg(MSGT_CPLAYER, MSGL_INFO, MSGTR_MovieAspectIsSet,
+sh->aspect);
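Review bot: The upper bound 100 in the new condition on sh->aspect is a bare literal with no comment explaining why that value is the cut-off. Suggest a named constant or a one-line comment next to the check, in the same way the mp_image.c change documents its rounding. An aspect above 100 now skips this block without any message of its own, so logging the rejected value would help when triaging malformed files.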
+@@ -350,6 +350,8 @@ int mpcodecs_config_vo(sh_video_t *sh, i
+ } else {
+ mp_msg(MSGT_CPLAYER, MSGL_INFO, MSGTR_MovieAspectUndefined);
+