Reinhard Tartler [Tue, 25 May 2021 01:09:10 +0000 (21:09 -0400)]
Declare fast forward from 1.0.1+dfsg1-3
[dgit --quilt=gbp --overwrite]
jeanlf [Fri, 9 Apr 2021 09:17:40 +0000 (11:17 +0200)]
[PATCH] fixed #1738
Gbp-Pq: Name CVE-2021-31262.patch
jeanlf [Thu, 8 Apr 2021 08:21:26 +0000 (10:21 +0200)]
[PATCH] fixed #1736
Gbp-Pq: Name CVE-2021-31260.patch
jeanlf [Fri, 12 Mar 2021 10:56:53 +0000 (11:56 +0100)]
[PATCH] fixed #1706
Gbp-Pq: Name CVE-2021-31258.patch
jeanlf [Thu, 8 Apr 2021 08:09:46 +0000 (10:09 +0200)]
[PATCH] fixed #1734
Gbp-Pq: Name CVE-2021-31257.patch
jeanlf [Thu, 8 Apr 2021 07:29:42 +0000 (09:29 +0200)]
[PATCH] fixed #1728
Gbp-Pq: Name CVE-2021-30199.patch
jeanlf [Mon, 29 Mar 2021 07:21:51 +0000 (09:21 +0200)]
[PATCH] fixed #1719
Gbp-Pq: Name CVE-2021-30019.patch
jeanlf [Mon, 29 Mar 2021 07:21:51 +0000 (09:21 +0200)]
[PATCH] fixed #1719
Gbp-Pq: Name CVE-2021-30015.patch
jeanlf [Fri, 9 Apr 2021 09:12:47 +0000 (11:12 +0200)]
[PATCH] fixed #1737
Gbp-Pq: Name CVE-2021-31261.patch
jeanlf [Fri, 12 Mar 2021 10:46:56 +0000 (11:46 +0100)]
[PATCH] fixed #1705
Gbp-Pq: Name CVE-2021-31256.patch
jeanlf [Thu, 8 Apr 2021 08:07:35 +0000 (10:07 +0200)]
[PATCH] fixed #1733
Gbp-Pq: Name CVE-2021-31255.patch
jeanlf [Mon, 29 Mar 2021 07:17:40 +0000 (09:17 +0200)]
[PATCH] fixed 1718
Gbp-Pq: Name CVE-2021-29279.patch
jeanlf [Thu, 11 Mar 2021 14:28:56 +0000 (15:28 +0100)]
[PATCH] fixed #1702
Gbp-Pq: Name CVE-2021-28300.patch
jeanlf [Mon, 4 Jan 2021 10:10:48 +0000 (11:10 +0100)]
[PATCH] fixed #1660
Gbp-Pq: Name CVE-2020-35982.patch
jeanlf [Mon, 4 Jan 2021 10:06:52 +0000 (11:06 +0100)]
[PATCH] fixed #1659
Gbp-Pq: Name CVE-2020-35981.patch
jeanlf [Mon, 4 Jan 2021 10:24:26 +0000 (11:24 +0100)]
[PATCH] fixed #1662
Gbp-Pq: Name CVE-2020-35979.patch
Debian Multimedia Maintainers [Tue, 25 May 2021 01:09:10 +0000 (21:09 -0400)]
CVE-2021-30014_CVE-2021-30020_CVE-2021-30022
Backport of
From
51cdb67ff7c5f1242ac58c5aa603ceaf1793b788 Mon Sep 17 00:00:00 2001
From: jeanlf <jeanlf@gpac.io>
Date: Mon, 29 Mar 2021 09:34:02 +0200
Subject: [PATCH] add safety in avc/hevc/vvc sps/pps/vps ID check - cf #1720
#1721 #1722
Gbp-Pq: Name CVE-2021-30014_CVE-2021-30020_CVE-2021-30022.patch
Balint Reczey [Tue, 25 May 2021 01:09:10 +0000 (21:09 -0400)]
Don't fail build intentionally on unknown systems
Gbp-Pq: Name dont-err-build-on-uknown-system.patch
Alessio Treglia [Tue, 25 May 2021 01:09:10 +0000 (21:09 -0400)]
Add -O2 to CFLAGS by default, -O0 if noopt is set.
Forwarded: not-needed
Forwarded: not-needed
Gbp-Pq: Name gcc-optflags.patch
Reinhard Tartler [Tue, 25 May 2021 01:10:41 +0000 (21:10 -0400)]
debian/changelog: update
Reinhard Tartler [Tue, 25 May 2021 01:10:10 +0000 (21:10 -0400)]
Merge branch 'experimental'
Reinhard Tartler [Mon, 24 May 2021 12:31:57 +0000 (08:31 -0400)]
Make sure to clean generated share/gpac.desktop
Moritz Muehlenhoff [Sat, 15 May 2021 15:11:46 +0000 (17:11 +0200)]
update changelog
Moritz Muehlenhoff [Sat, 15 May 2021 15:06:50 +0000 (17:06 +0200)]
Cherrypicked fixes for multiple security issues:
(Closes: #987280, #987323, #987374)
- CVE-2021-30014/CVE-2021-30020/CVE-2021-30022
- CVE-2020-35979
- CVE-2020-35981
- CVE-2020-35982
- CVE-2021-28300
- CVE-2021-29279
- CVE-2021-31255
- CVE-2021-31256
- CVE-2021-31261
- CVE-2021-30015
- CVE-2021-30019
- CVE-2021-30199
- CVE-2021-31257
- CVE-2021-31258
- CVE-2021-31260
- CVE-2021-31262
Reinhard Tartler [Wed, 25 Nov 2020 20:44:35 +0000 (15:44 -0500)]
Bugfix: FTBFS on armel: missing -latomic (Closes: #975433)
Reinhard Tartler [Wed, 25 Nov 2020 20:43:00 +0000 (15:43 -0500)]
Make fast forward from 1.0.1+dfsg1-2
[dgit --quilt=gbp]
Balint Reczey [Wed, 25 Nov 2020 20:43:00 +0000 (15:43 -0500)]
Don't fail build intentionally on unknown systems
Gbp-Pq: Name dont-err-build-on-uknown-system.patch
Alessio Treglia [Wed, 25 Nov 2020 20:43:00 +0000 (15:43 -0500)]
Add -O2 to CFLAGS by default, -O0 if noopt is set.
Forwarded: not-needed
Forwarded: not-needed
Gbp-Pq: Name gcc-optflags.patch
Reinhard Tartler [Wed, 25 Nov 2020 20:43:04 +0000 (15:43 -0500)]
debian/changelog: prepare new upload
Reinhard Tartler [Wed, 25 Nov 2020 20:42:41 +0000 (15:42 -0500)]
Clean share/gpac.desktop, Closes: #975779
Reinhard Tartler [Sat, 21 Nov 2020 22:13:59 +0000 (17:13 -0500)]
upload to unstable
Reinhard Tartler [Sat, 21 Nov 2020 22:13:44 +0000 (17:13 -0500)]
Make fast forward from 0.7.1+dfsg1-4
[dgit --quilt=gbp]
Balint Reczey [Sat, 21 Nov 2020 22:13:44 +0000 (17:13 -0500)]
Don't fail build intentionally on unknown systems
Gbp-Pq: Name dont-err-build-on-uknown-system.patch
Alessio Treglia [Sat, 21 Nov 2020 22:13:44 +0000 (17:13 -0500)]
Add -O2 to CFLAGS by default, -O0 if noopt is set.
Forwarded: not-needed
Forwarded: not-needed
Gbp-Pq: Name gcc-optflags.patch
Reinhard Tartler [Wed, 18 Nov 2020 02:55:55 +0000 (21:55 -0500)]
fix lintian override
Reinhard Tartler [Wed, 18 Nov 2020 02:41:42 +0000 (21:41 -0500)]
avoid duplicate entry in debian/copyright
Reinhard Tartler [Wed, 18 Nov 2020 02:41:23 +0000 (21:41 -0500)]
silence lintian warning "source-is-missing"
Reinhard Tartler [Wed, 18 Nov 2020 02:40:05 +0000 (21:40 -0500)]
fix 'symbols-file-contains-current-version-with-debian-revision'
From lintian output:
Debian revisions should be stripped from versions in symbols files.
Not doing so leads to dependencies unsatisfiable by backports
(1.0-1~bpo << 1.0-1 while 1.0-1~bpo >= 1.0). If the Debian revision
can't be stripped because the symbol really appeared between two
specific Debian revisions, you should postfix the version with a
single "~" (example: 1.0-3~ if the symbol appeared in 1.0-3).
.
This problem normally means that the symbols were added automatically
by dpkg-gensymbols. dpkg-gensymbols uses the full version number for
the dependency associated to any new symbol that it detects. The
maintainer must update the debian/<package>.symbols file by adding the
new symbols with the corresponding upstream version.
Reinhard Tartler [Wed, 18 Nov 2020 02:38:43 +0000 (21:38 -0500)]
no longer install menu file
The command is listed both a desktop file
Per the tech-ctte decision on Bug#741573, it must not be mentioned in both the
.desktop and the menu file at the same time. I'm choosing the .desktop file
Reinhard Tartler [Tue, 17 Nov 2020 23:32:57 +0000 (18:32 -0500)]
debian/changelog: update
Reinhard Tartler [Tue, 17 Nov 2020 23:28:14 +0000 (18:28 -0500)]
small copyright cleanups
suggested by 'cme fix dpkg-copyright'
Reinhard Tartler [Tue, 17 Nov 2020 23:22:27 +0000 (18:22 -0500)]
update debian/changelog
Reinhard Tartler [Tue, 17 Nov 2020 23:02:57 +0000 (18:02 -0500)]
Update upstream source from tag 'upstream/1.0.1+dfsg1'
Update to upstream version '1.0.1+dfsg1'
with Debian dir
a6e274d9b25f2c7366e86d8e27998bbde93f1af3
Reinhard Tartler [Tue, 17 Nov 2020 23:02:44 +0000 (18:02 -0500)]
New upstream version 1.0.1+dfsg1
Reinhard Tartler [Tue, 17 Nov 2020 22:57:56 +0000 (17:57 -0500)]
cleanup exclusions
Reinhard Tartler [Tue, 17 Nov 2020 22:50:44 +0000 (17:50 -0500)]
update symbols file
Reinhard Tartler [Tue, 17 Nov 2020 19:58:14 +0000 (14:58 -0500)]
install the pkg-config file
Reinhard Tartler [Tue, 17 Nov 2020 18:45:07 +0000 (13:45 -0500)]
install new manpages
Reinhard Tartler [Tue, 17 Nov 2020 18:34:06 +0000 (13:34 -0500)]
drop debian/gpac.manpages, no longer needed
Reinhard Tartler [Tue, 17 Nov 2020 18:27:42 +0000 (13:27 -0500)]
gpac.docs: from share/doc instead of doc/
Reinhard Tartler [Tue, 17 Nov 2020 16:00:43 +0000 (11:00 -0500)]
gpac.install: install all of share
Reinhard Tartler [Tue, 17 Nov 2020 13:06:36 +0000 (08:06 -0500)]
drop mp4box normalization (no longer installed?)
Reinhard Tartler [Tue, 17 Nov 2020 12:53:45 +0000 (07:53 -0500)]
avoid cleaning 'debian'
Reinhard Tartler [Tue, 17 Nov 2020 12:31:40 +0000 (07:31 -0500)]
refresh/drop distro patches
Reinhard Tartler [Tue, 17 Nov 2020 12:28:32 +0000 (07:28 -0500)]
debian/changelog: prepare new upload
Reinhard Tartler [Tue, 17 Nov 2020 12:27:24 +0000 (07:27 -0500)]
upstream bumped soname 7->10
Reinhard Tartler [Mon, 16 Nov 2020 12:12:50 +0000 (07:12 -0500)]
drop deprecated apps
needs further copyright review, maybe parts (or all) could be included in a
future revision
Reinhard Tartler [Tue, 17 Nov 2020 12:23:09 +0000 (07:23 -0500)]
debian/copyright: Reworked with 'cme dpkg-copyright'
Following the guides from
https://github.com/dod38fr/config-model/wiki/Updating-debian-copyright-file-with-cme
Reinhard Tartler [Mon, 16 Nov 2020 12:08:15 +0000 (07:08 -0500)]
debian/copyright: cleanups
drop entries from "Files-Excluded" section that are no longer included in the
upstream tarball
Reinhard Tartler [Sat, 14 Nov 2020 22:06:54 +0000 (17:06 -0500)]
Update upstream source from tag 'upstream/1.0.1'
Update to upstream version '1.0.1'
with Debian dir
7909422ddee0bd5d964b17a7d8516012f9c0b26c
Reinhard Tartler [Sat, 14 Nov 2020 22:06:39 +0000 (17:06 -0500)]
New upstream version 1.0.1
Reinhard Tartler [Sat, 14 Nov 2020 22:06:15 +0000 (17:06 -0500)]
ignore additional swf file without source
Reinhard Tartler [Sat, 14 Nov 2020 02:28:00 +0000 (21:28 -0500)]
update debian/changelog
Reinhard Tartler [Sat, 14 Nov 2020 02:32:48 +0000 (21:32 -0500)]
Fix FTCBFS: Pass --cross-prefix to ./configure
Closes: #945200
Reinhard Tartler [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
Make fast forward from 0.7.1+dfsg1-1
[dgit --quilt=gbp]
Aurelien David [Thu, 11 Apr 2019 12:54:53 +0000 (14:54 +0200)]
[PATCH] fix buffer overrun in gf_bin128_parse
closes #1204
closes #1205
Gbp-Pq: Name CVE-2019-11222.patch
Aurelien David [Thu, 11 Apr 2019 12:18:58 +0000 (14:18 +0200)]
[PATCH] fix a bunch of vsprintf -> vsnprintf
closes #1203
Gbp-Pq: Name CVE-2019-11221.patch
Debian Multimedia Maintainers [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
CVE-2018-13005
commit
bceb03fd2be95097a7b409ea59914f332fb6bc86
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Thu Jun 28 13:34:08 2018 +0200
Description: CVE-2018-13005, CVE-2018-13006
fixed 2 possible heap overflows (inc. #1088)
Gbp-Pq: Name CVE-2018-13005.patch
Debian Multimedia Maintainers [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
CVE-2018-20760
commit
4c1360818fc8948e9307059fba4dc47ba8ad255d
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Thu Dec 13 14:39:21 2018 +0100
Description: CVE-2018-20760
check error code on call to gf_utf8_wcstombs (#1177)
Gbp-Pq: Name CVE-2018-20760.patch
Debian Multimedia Maintainers [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
CVE-2018-20763
commit
1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri Jan 11 14:05:16 2019 +0100
Description: CVE-2018-20763
add some boundary checks on gf_text_get_utf8_line (#1188)
Gbp-Pq: Name CVE-2018-20763.patch
Debian Multimedia Maintainers [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
CVE-2018-20762
commit
35ab4475a7df9b2a4bcab235e379c0c3ec543658
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri Jan 11 11:32:54 2019 +0100
Description: CVE-2018-20762
fix some overflows due to strcpy
fixes #1184, #1186, #1187 among other things
Gbp-Pq: Name CVE-2018-20762.patch
Aurelien David [Tue, 6 Mar 2018 10:23:31 +0000 (11:23 +0100)]
CVE-2018-7752
Upstream: commit
90dc7f853d31b0a4e9441cba97feccf36d8b69a4
fix some exploitable overflows (#994, #997)
Gbp-Pq: Name CVE-2018-7752.patch
Debian Multimedia Maintainers [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
fix_makefile_install
Gbp-Pq: Name fix_makefile_install.patch
James Cowgill [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
Fix FTBFS with FFmpeg 4.0
Bug: https://github.com/gpac/gpac/pull/1063
Bug-Debian: https://bugs.debian.org/888343
Bug-Debian: https://bugs.debian.org/888343
Gbp-Pq: Name ffmpeg_4.patch
Balint Reczey [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
Don't fail build intentionally on unknown systems
Gbp-Pq: Name dont-err-build-on-uknown-system.patch
Alessio Treglia [Sat, 14 Nov 2020 02:27:34 +0000 (21:27 -0500)]
Add -O2 to CFLAGS by default, -O0 if noopt is set.
Forwarded: not-needed
Forwarded: not-needed
Gbp-Pq: Name gcc-optflags.patch
Reinhard Tartler [Sat, 14 Nov 2020 02:26:31 +0000 (21:26 -0500)]
Merge remote-tracking branch 'salsa/master' into master
Reinhard Tartler [Sat, 14 Nov 2020 02:11:28 +0000 (21:11 -0500)]
debian/control: cleanup
unused BSD-2 clause paragraph
Reinhard Tartler [Sat, 14 Nov 2020 02:10:51 +0000 (21:10 -0500)]
libgpac7.symbols: Add Build-Depends-Package field
suggested by lintian
Reinhard Tartler [Sat, 14 Nov 2020 02:10:27 +0000 (21:10 -0500)]
debian/control: cleanup
osmo4_wx no longer present
Sebastian Ramacher [Sun, 20 Sep 2020 17:19:15 +0000 (19:19 +0200)]
Bump to debhelper compat 13
Sebastian Ramacher [Sun, 20 Sep 2020 16:53:24 +0000 (18:53 +0200)]
Remove obsolete Pre-Depends
Sebastian Ramacher [Sun, 23 Aug 2020 14:11:14 +0000 (14:11 +0000)]
Merge branch 'lintian-fixes' into 'master'
Fix some issues reported by lintian
See merge request multimedia-team/gpac!1
Debian Janitor [Wed, 15 Apr 2020 14:00:47 +0000 (14:00 +0000)]
Drop unnecessary dh arguments: --parallel
Fixes: lintian: debian-rules-uses-unnecessary-dh-argument
See-also: https://lintian.debian.org/tags/debian-rules-uses-unnecessary-dh-argument.html
Debian Janitor [Wed, 15 Apr 2020 14:00:14 +0000 (14:00 +0000)]
Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
Fixes: lintian: upstream-metadata-file-is-missing
See-also: https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html
Fixes: lintian: upstream-metadata-missing-bug-tracking
See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html
Fixes: lintian: upstream-metadata-missing-repository
See-also: https://lintian.debian.org/tags/upstream-metadata-missing-repository.html
Debian Janitor [Wed, 15 Apr 2020 13:59:36 +0000 (13:59 +0000)]
Bump debhelper from old 9 to 10.
Fixes: lintian: package-uses-old-debhelper-compat-version
See-also: https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html
Debian Janitor [Wed, 15 Apr 2020 13:59:01 +0000 (13:59 +0000)]
Use secure URI in Homepage field.
Fixes: lintian: homepage-field-uses-insecure-uri
See-also: https://lintian.debian.org/tags/homepage-field-uses-insecure-uri.html
Reinhard Tartler [Sat, 13 Apr 2019 20:52:18 +0000 (16:52 -0400)]
debian/changelog: Update for experimental
Reinhard Tartler [Sat, 13 Apr 2019 20:52:04 +0000 (16:52 -0400)]
Declare fast forward from 0.7.1+dfsg1-2
[dgit --overwrite]
Reinhard Tartler [Sat, 13 Apr 2019 20:46:54 +0000 (16:46 -0400)]
Merge branch 'master' into experimental
Reinhard Tartler [Sat, 13 Apr 2019 20:41:32 +0000 (16:41 -0400)]
debian/changelog: Fix email address
Reinhard Tartler [Sat, 13 Apr 2019 01:23:57 +0000 (21:23 -0400)]
Prepare new upload
* Bug fix: "CVE-2019-11222: Buffer-overflow in gf_bin128_parse", thanks
to Salvatore Bonaccorso (Closes: #926961).
* Bug fix: "CVE-2019-11221: buffer-overflow issue in gf_import_message()
in media_import.c", thanks to Salvatore Bonaccorso (Closes: #926963).
Reinhard Tartler [Sun, 7 Apr 2019 14:54:31 +0000 (10:54 -0400)]
debian/changelog: Upload to experimental
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
CVE-2018-13005
commit
bceb03fd2be95097a7b409ea59914f332fb6bc86
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Thu Jun 28 13:34:08 2018 +0200
Description: CVE-2018-13005, CVE-2018-13006
fixed 2 possible heap overflows (inc. #1088)
Gbp-Pq: Name CVE-2018-13005.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
CVE-2018-20760
commit
4c1360818fc8948e9307059fba4dc47ba8ad255d
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Thu Dec 13 14:39:21 2018 +0100
Description: CVE-2018-20760
check error code on call to gf_utf8_wcstombs (#1177)
Gbp-Pq: Name CVE-2018-20760.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
CVE-2018-20763
commit
1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri Jan 11 14:05:16 2019 +0100
Description: CVE-2018-20763
add some boundary checks on gf_text_get_utf8_line (#1188)
Gbp-Pq: Name CVE-2018-20763.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
CVE-2018-20762
commit
35ab4475a7df9b2a4bcab235e379c0c3ec543658
Author: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri Jan 11 11:32:54 2019 +0100
Description: CVE-2018-20762
fix some overflows due to strcpy
fixes #1184, #1186, #1187 among other things
Gbp-Pq: Name CVE-2018-20762.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
CVE-2018-7752
fix some exploitable overflows (#994, #997)
Gbp-Pq: Name CVE-2018-7752.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
fix_makefile_install
Gbp-Pq: Name fix_makefile_install.patch
Debian Multimedia Maintainers [Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)]
ffmpeg_4
Gbp-Pq: Name ffmpeg_4.patch
projects / gpac.git / log