Opened 5 years ago

Closed 5 years ago

Last modified 4 years ago

#13421 closed enhancement (fixed)

faad2-2.9.1 (many CVEs)

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Not at github: https://github.com/knik0/faad2

Report from Leandro Nini via blfs-support.

Change History (5)

comment:1 by Bruce Dubbs, 5 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Xi Ruoyao, 5 years ago

Priority: normalhigh
Summary: faad2-2.9.1faad2-2.9.1 (many CVEs)

faad2-2.9.1:

[ Fabian Greffrath ]

Include stdio.h in libfaad/ps_dec.c for stderr (Michael Fink)
Fix Tille -> Title typo in frontend/mp4read.c (Alexander Thomas)

faad2-2.9.0:

[ Krzysztof Nikiel ]

Build system fixes and code clean-up
[ LoRd_MuldeR ]

Fix compiler warnings and code indentation
Fix compilation with GCC <= 4.7.3
MSVC solution file clean-up
[ Cameron Cawley ]

Fix compilation with GCC 4.7.4
Fix compilation with MinGW
[ Michael Fink ]

MSVC 2017 project file update
[ Hugo Lefeuvre ]

Fix crash with unsupported MP4 files (NULL pointer dereference,
division by zero)
CVE-2019-6956: ps_dec: sanitize iid_index before mixing
CVE-2018-20196: sbr_fbt: sanitize sbr->M (should not exceed MAX_M)
CVE-2018-20199, CVE-2018-20360: specrec: better handle unexpected
parametric stereo (PS)
CVE-2018-20362, CVE-2018-19504, CVE-2018-20195, CVE-2018-20198,
CVE-2018-20358: syntax.c: check for syntax element inconsistencies
CVE-2018-20194, CVE-2018-19503, CVE-2018-20197, CVE-2018-20357,
CVE-2018-20359, CVE-2018-20361: sbr_hfadj: sanitize frequency band
borders
[ Hugo Beauzée-Luyssen ]

CVE-2019-15296, CVE-2018-19502: Fix a couple buffer overflows
[ Filip Roséen ]

Prevent crash on SCE followed by CPE
[ Gianfranco Costamagna ]

Fix linking with GCC 9 and "-Wl,--as-needed"
[ Fabian Greffrath ]

Enable the frontend to be built reproducibly

comment:3 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 22999.

comment:4 by Bruce Dubbs, 4 years ago

Milestone: 9.210,0

Milestone renamed

comment:5 by Bruce Dubbs, 4 years ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.