commit | ee99fe4088d0c75b3d2cfcd321d8af60b8fc959a | [log] [tgz] |
---|---|---|
author | Peter Korsgaard <peter@korsgaard.com> | Mon Nov 28 22:55:38 2016 +0100 |
committer | Peter Korsgaard <peter@korsgaard.com> | Mon Nov 28 23:09:30 2016 +0100 |
tree | fbe3c5a606a610299501112b0f0519a5c7f949c2 | |
parent | e920e521ac012e5f40720290341d8abceb41a6a6 [diff] |
gst1-plugins-bad: add upstream patch to fix security issue in vmnc decoder As detailed by Chris Evans, the vmnc decoder contains an integer overflow which can be exploited: https://scarybeastsecurity.blogspot.be/2016/11/0day-poc-risky-design-decisions-in.html Fixes CVE-2016-9445 and CVE-2016-9446. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>