Closed
Bug 677581
Opened 13 years ago
Closed 13 years ago
Update in-tree libogg to 1.3.0
Categories
(Core :: Audio/Video, defect)
Tracking
()
RESOLVED
FIXED
mozilla10
People
(Reporter: imelven, Assigned: rillian)
References
Details
Attachments
(1 file)
55.31 KB,
patch
|
kinetik
:
review+
|
Details | Diff | Splinter Review |
latest libogg is : Version 1.3.0 (2011 August 4)
the release notes at http://svn.xiph.org/trunk/ogg/CHANGES say :
Version 1.2.1 (2010 November 01)
* Various build updates (see SVN)
* Add ogg_stream_pageout_fill() to API to allow applications
greater explicit flexibility in page sizing.
* Documentation updates including multiplexing description,
terminology and API (incl. ogg_packet_clear(),
ogg_stream_pageout_fill())
=> * Correct possible buffer overwrite in stream encoding on 32 bit
when a single packet exceed 250MB.
=> * Correct read-buffer overrun [without side effects] under
similar circumstances.
* Update unit testing to work properly with new page spill
heuristic.
and http://mxr.mozilla.org/mozilla-central/source/media/libogg/src/ says :
ogg_bitwise.c 22k Jun 15 2010
ogg_framing.c 66k Jun 15 2010
so it appears we should at least investigate to see if we have this issue.
Comment 1•13 years ago
|
||
We picked those fixes up in bug 559344 when the in-tree libogg was updated to SVN r17287.
We should still update to 1.3.0, since it makes working out the answer to questions like this much easier. I'll take the security flag off of this bug.
Group: core-security
Summary: libogg is out of date and may contain possible memory read/write overruns → Update in-tree libogg to 1.3.0
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → giles
Assignee | ||
Comment 2•13 years ago
|
||
Brian, please check this patch on Solaris. I've changed the way the fixed width types are obtained there.
Attachment #562573 -
Flags: review?(eagle.lu)
Assignee | ||
Comment 3•13 years ago
|
||
Review ping. I'll request checkin at the end of the week if we can't get verification on Solaris.
Assignee | ||
Comment 4•13 years ago
|
||
Comment on attachment 562573 [details] [diff] [review]
proposed patch
Timing out on Solaris review. Matthew, please review for check-in.
Attachment #562573 -
Flags: review?(eagle.lu) → review?(kinetik)
Updated•13 years ago
|
Attachment #562573 -
Flags: review?(kinetik) → review+
Comment 5•13 years ago
|
||
Target Milestone: --- → mozilla10
Comment 6•13 years ago
|
||
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 7•13 years ago
|
||
Thanks, Matthew.
You need to log in
before you can comment on or make changes to this bug.
Description
•