ee99fe4088d0c75b3d2cfcd321d8af60b8fc959a - buildroot

commit	ee99fe4088d0c75b3d2cfcd321d8af60b8fc959a	[log] [tgz]
author	Peter Korsgaard <peter@korsgaard.com>	Mon Nov 28 22:55:38 2016 +0100
committer	Peter Korsgaard <peter@korsgaard.com>	Mon Nov 28 23:09:30 2016 +0100
tree	fbe3c5a606a610299501112b0f0519a5c7f949c2
parent	e920e521ac012e5f40720290341d8abceb41a6a6 [diff]

gst1-plugins-bad: add upstream patch to fix security issue in vmnc decoder

As detailed by Chris Evans, the vmnc decoder contains an integer overflow which
can be exploited:

https://scarybeastsecurity.blogspot.be/2016/11/0day-poc-risky-design-decisions-in.html

Fixes CVE-2016-9445 and CVE-2016-9446.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gstreamer1/gst1-plugins-bad/0001-vmncdec-Sanity-check-width-height-before-using-it.patch[Added - diff]

1 file changed

tree: fbe3c5a606a610299501112b0f0519a5c7f949c2

arch/
board/
boot/
configs/
docs/
fs/
linux/
package/
support/
system/
toolchain/
.defconfig
.gitignore
CHANGES
Config.in
Config.in.legacy
COPYING
DEVELOPERS
Makefile
Makefile.legacy
README