Google Git
Sign in
android-kvm / buildroot / 0a860f21e1b8004ee937c20d54d29a5e66f96651
commit0a860f21e1b8004ee937c20d54d29a5e66f96651[log] [tgz]
authorFabrice Fontaine <fontaine.fabrice@gmail.com>Fri May 15 23:13:27 2020 +0200
committerPeter Korsgaard <peter@korsgaard.com>Fri May 29 22:05:51 2020 +0200
treed8d5693c34ed970e56e4cb2bf9e60234ccc7c435
parente1af92592ec591270ef7f86a56562d119f2a46e1 [diff]
package/mp4v2: security bump to version 4.1.3

- Switch site to an active fork
- Send patch upstream
- Update indentation in hash file (two spaces)
- Fix the following CVEs:
  - CVE-2018-14054: A double free exists in the MP4StringProperty class
    in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again
    in the destructor once an exception is triggered.
    Fixed by
    https://github.com/TechSmith/mp4v2/commit/f09cceeee5bd7f783fd31f10e8b3c440ccf4c743
  - CVE-2018-14325: In MP4v2 2.0.0, there is an integer underflow (with
    resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
    Fixed by
    https://github.com/TechSmith/mp4v2/commit/e475013c6ef78093055a02b0d035eda0f9f01451
  - CVE-2018-14326: In MP4v2 2.0.0, there is an integer overflow (with
    resultant memory corruption) when resizing MP4Array for the ftyp
    atom in mp4array.h.
    Fixed by
    https://github.com/TechSmith/mp4v2/commit/70d823ccd8e2d7d0ed9e62fb7e8983d21e6acbeb
  - CVE-2018-14379: MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0
    incorrectly uses the MP4ItemAtom data type in a certain case where
    MP4DataAtom is required, which allows remote attackers to cause a
    denial of service (memory corruption) or possibly have unspecified
    other impact via a crafted MP4 file, because access to the data
    structure has different expectations about layout as a result of
    this type confusion.
    Fixed by
    https://github.com/TechSmith/mp4v2/commit/73f38b4296aeb38617fa3923018bb78671c3b833
  - CVE-2018-14403: MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0
    mishandles substrings of atom names, leading to use of an
    inappropriate data type for associated atoms. The resulting type
    confusion can cause out-of-bounds memory access.
    Fixed by
    https://github.com/TechSmith/mp4v2/commit/51cb6b36f6c8edf9f195d5858eac9ba18b334a16

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 files changed
tree: d8d5693c34ed970e56e4cb2bf9e60234ccc7c435
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .defconfig
  14. .flake8
  15. .gitignore
  16. .gitlab-ci.yml
  17. .gitlab-ci.yml.in
  18. CHANGES
  19. Config.in
  20. Config.in.legacy
  21. COPYING
  22. DEVELOPERS
  23. Makefile
  24. Makefile.legacy
  25. README