From: Raspbian automatic forward porter Date: Fri, 15 Dec 2023 13:45:02 +0000 (+0000) Subject: Merge version 1.0.11-1+rpi1 and 1.0.11-1+deb12u1 to produce 1.0.11-1+rpi1+deb12u1 X-Git-Tag: archive/raspbian/1.0.11-1+rpi1+deb12u1^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=d62230d7fbaeb3fef4399c180de877a7c8e1daf6;p=libde265.git Merge version 1.0.11-1+rpi1 and 1.0.11-1+deb12u1 to produce 1.0.11-1+rpi1+deb12u1 --- d62230d7fbaeb3fef4399c180de877a7c8e1daf6 diff --cc debian/changelog index 412379e,323d143..c568bb8 --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,18 +1,25 @@@ - libde265 (1.0.11-1+rpi1) bookworm-staging; urgency=medium ++libde265 (1.0.11-1+rpi1+deb12u1) bookworm-staging; urgency=medium + + [changes brought forward from 1.0.2-1+rpi1 by Peter Michael Green at Sun, 04 Oct 2015 21:44:10 +0000] + * Disable neon. + - -- Raspbian forward porter Sat, 11 Feb 2023 07:35:47 +0000 ++ -- Raspbian forward porter Fri, 15 Dec 2023 13:45:02 +0000 ++ + libde265 (1.0.11-1+deb12u1) bookworm; urgency=medium + + * Non-maintainer upload by the LTS Team. + * CVE-2023-27102 (Closes: #1033257) + fix segmentation violation in the + function decoder_context::process_slice_segment_header + * CVE-2023-27103 + fix heap buffer overflow in the + function derive_collocated_motion_vectors + * CVE-2023-43887 + fix buffer over-read in pic_parameter_set::dump + * CVE-2023-47471 (Closes: #1056187) + fix buffer overflow in the slice_segment_header function + + -- Thorsten Alteholz Sun, 26 Nov 2023 13:03:02 +0100 libde265 (1.0.11-1) unstable; urgency=medium diff --cc debian/patches/series index b9b42f0,89951cc..875e4f5 --- a/debian/patches/series +++ b/debian/patches/series @@@ -3,4 -3,9 +3,9 @@@ disable_tools.patc reject_reference_pics_from_different_sps.patch use_sps_from_the_image.patch recycle_sps_if_possible.patch + + CVE-2023-27102.patch + CVE-2023-27103.patch + CVE-2023-43887.patch + CVE-2023-47471.patch - +disable-neon.patch