* Merge with Debian unstable; remaining changes:
+ Import plugins from -bad that are needed for main applications.
- jpegformat
- camerabin2 (+ basecamerabinsrc + photography)
+ Break and Replace -bad versions which contained these plugins.
+ Add a library package containing the shared library and a -dev package for
compiling against it. Add Breaks and Replaces against the plugins packages
which formerly contained files shipped here.
+ Add 'pluginsdir' variable to our added pcfile for compatibility with
some external software
+ debian/control{,.in}: Update Vcs-* for Ubuntu
* SECURITY UPDATE: incomplete fix for flx decoder
- debian/patches/flxdec-bounds3.patch: don't unref() parent in the
chain function in gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds4.patch: rewrite logic based on
GstByteReader/Writer in gst/flx/flx_color.c, gst/flx/flx_fmt.h,
gst/flx/gstflxdec.c, gst/flx/gstflxdec.h.
- No CVE number
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder
- debian/patches/flxdec-bounds1.patch: add bounds checking to
gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds2.patch: fix compiler warnings in
gst/flx/gstflxdec.c.
- No CVE number
-- Iain Lane <email address hidden> Fri, 13 Jan 2017 12:56:06 +0000
This bug was fixed in the package gst-plugins-good1.0 - 1.8.3-1ubuntu0.3
---------------
gst-plugins-good1.0 (1.8.3-1ubuntu0.3) xenial; urgency=medium
* Rebase on top of security update again.
gst-plugins-good1.0 (1.8.3-1ubuntu0.2) xenial; urgency=medium
* Rebase on top of security update.
gst-plugins-good1.0 (1.8.3-1ubuntu0.1) xenial; urgency=medium
* No-change backport from yakkety to 16.04 (LP: #1619600)
gst-plugins-good1.0 (1.8.3-1ubuntu1) yakkety; urgency=medium
* Merge with Debian unstable; remaining changes: control{ ,.in}: Update Vcs-* for Ubuntu
+ Import plugins from -bad that are needed for main applications.
- jpegformat
- camerabin2 (+ basecamerabinsrc + photography)
+ Break and Replace -bad versions which contained these plugins.
+ Add a library package containing the shared library and a -dev package for
compiling against it. Add Breaks and Replaces against the plugins packages
which formerly contained files shipped here.
+ Add 'pluginsdir' variable to our added pcfile for compatibility with
some external software
+ debian/
gst-plugins-good1.0 (1.8.3-1) unstable; urgency=medium
* New upstream bugfix release.
gst-plugins-good1.0 (1.8.2-1ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: incomplete fix for flx decoder patches/ flxdec- bounds3. patch: don't unref() parent in the gstflxdec. c. patches/ flxdec- bounds4. patch: rewrite logic based on ader/Writer in gst/flx/ flx_color. c, gst/flx/flx_fmt.h, flx/gstflxdec. c, gst/flx/ gstflxdec. h.
- debian/
chain function in gst/flx/
- debian/
GstByteRe
gst/
- No CVE number
gst-plugins-good1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder patches/ flxdec- bounds1. patch: add bounds checking to flx/gstflxdec. c. patches/ flxdec- bounds2. patch: fix compiler warnings in flx/gstflxdec. c.
- debian/
gst/
- debian/
gst/
- No CVE number
-- Iain Lane <email address hidden> Fri, 13 Jan 2017 12:56:06 +0000