Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > Mageia > 1 > i586 > by-pkgid > 97f9a5da849cd900883963cb8ce1202c > changelog

avidemux-2.5.4-5.3.mga1.i586.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Sun Aug 5 2012 luigiwalser <luigiwalser> 2.5.4-5.3.mga1

  + Revision: 278523
  - sync ffmpeg git patches from mplayer package to fix:
  - CVE-2011-3892
  - CVE-2011-3893
  - CVE-2011-3895
  - CVE-2011-3940
  - CVE-2011-3929
  - CVE-2011-3936
  - CVE-2012-0853
  - CVE-2011-3947
  - CVE-2011-3945
  - CVE-2012-0947
  - CVE-2011-3951
  - CVE-2012-0850
  - CVE-2012-0851
  - CVE-2012-0852
  - CVE-2012-0858
  - CVE-2011-3952
  
  + doktor5000
  - removed unused bundled tarballs of ffmpeg and libswscale
  - fixed CVE-2011-1196, denial of service and possible code execution via
  malformed OGG file (from Ubuntu, cve-2011-1196.patch)
  - fixed CVE-2011-3362, arbitrary code execution via malformed CAVS file
  (from Ubuntu, cve-2011-3362.patch)
  - fixed CVE-2011-1931, denial of service and possible code execution via
  malformed AMV file (from Ubuntu, CVE-2011-1931.patch)
  - fixed CVE-2011-2161, denial of service via malformed APE file
  (from Ubuntu, CVE-2011-2161.patch)
  - fixed CVE-2011-0480, denial of service and possible code execution via
  crafted WebM file (rediffed from Ubuntu,
  mplayer-1.4.0-mga-fix-CVE-2011-0480.patch)
  - fixed CVE-2011-0723, denial of service and possible code execution via
  crafted VC1 file (from Ubuntu, fix-CVE-2011-0723.patch)
  - fixed CVE-2010-3429, arbitrary offset dereference vulnerability in flic video
  codec (from Ubuntu, fix-CVE-2010-3429.patch)
  - fixed CVE-2010-4704, denial of service via crafted .ogg file
  (from Ubuntu, fix-CVE-2010-4704.patch)
  - fixed CVE-2009-4636, denial of service via a crafted .aac file that triggers
  an infinite loop (from Mandriva, ffmpeg-CVE-2009-4636.patch)
  - fixed CVE-2011-0722, denial of service (heap memory corruption and
  application crash) or possibly execute arbitrary code via a malformed
  RealMedia file (from Mandriva, fmpeg-CVE-2011-0722.patch)
  - fixed CVE-2011-3504, arbitrary code execution via a crafted Matroska file
  (from Ubuntu, CVE-2011-3504.patch)
  - fixed CVE-2011-4351, buffer overflow via error within the QDM2 decoder
  (from Ubuntu, CVE-2011-4351.patch)
  - fixed CVE-2011-4352, buffer overflow within the "vp3_dequant()" function
  (from Ubuntu, CVE-2011-4352.patch)
  - fixed CVE-2011-4353, out-of-bounds reads via errors within the
  "av_image_fill_pointers()", the "vp5_parse_coeff()", and the
  "vp6_parse_coeff()" functions (from Ubuntu, CVE-2011-4353.patch)
  - fixed CVE-2011-4364, denial of service or arbitrary code execution via a
  malformed VMD file (from Ubuntu, CVE-2011-4364.patch)
  - fixed CVE-2011-4579, memory corruption via an error within the
  "svq1_decode_frame()" function (from Ubuntu, CVE-2011-4579.patch)
  - fix unchecked return values that may cause a crash
  (from upstream, check_all_svq3_get_ue_golomb_returns.patch)
  - security fix for ffmpeg-mov_bad_timings (from Mandriva)
  - security fix for ffmpeg-mp3_outlen (from Mandriva)
  - security fix for ffmpeg-vorbis_zero_samplerate (from Mandriva)
  
  + ahmad
  - Enable tainted building (mga#1673)

• Wed Apr 27 2011 wally <wally> 2.5.4-5.mga1

  + Revision: 92131
  - fix desktop file names (mga#954)
  - drop buildroot definition

• Tue Feb 22 2011 ahmad <ahmad> 2.5.4-4.mga1

  + Revision: 55875
  - drop esound-devel (phasing out esound from the distro)
  
  + anssi
  - remove old macros
  - imported package avidemux