-
gst-plugins-base0.10 (0.10.36-2ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: heap overflow in RTSP parser
- debian/patches/CVE-2019-9928.patch: limit length in
gst-libs/gst/rtsp/gstrtspconnection.c.
- CVE-2019-9928
-- Marc Deslauriers <email address hidden> Fri, 26 Apr 2019 09:43:52 -0400
-
gst-plugins-base0.10 (0.10.36-2ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: DoS in windows_icon_typefind
- debian/patches/CVE-2016-9811.patch: add bounds check in
gst/typefind/gsttypefindfunctions.c.
- CVE-2016-9811
* SECURITY UPDATE: DoS in gst_riff_create_audio_caps
- debian/patches/CVE-2017-5837.patch: check for valid channels/rate in
gst-libs/gst/riff/riff-media.c.
- CVE-2017-5837
* SECURITY UPDATE: DoS in gst_riff_create_audio_caps
- debian/patches/CVE-2017-5844.patch: fix divide by zero in
gst-libs/gst/riff/riff-media.c.
- CVE-2017-5844
* debian/patches/docs_ftbfs.patch: fix FTBFS.
-- Marc Deslauriers <email address hidden> Thu, 23 Mar 2017 13:31:32 -0400
-
gst-plugins-base0.10 (0.10.36-2) unstable; urgency=medium
* Thanks for the NMUs
* 0001-audiodecoder-don-t-discard-timestamps-when-consecuti.patch:
Cherry-pick from upstream to hopefully fix more mp3 to ogg transitions.
-- Iain Lane <email address hidden> Thu, 18 Sep 2014 15:50:55 +0100
