libxvmc: Changes to 'debian-unstable'
ChangeLog | 21 +++++++++++++
configure.ac | 2 -
debian/changelog | 11 ++++++
debian/control | 12 +++----
debian/copyright | 2 -
debian/patches/series | 1
debian/upstream/signing-key.asc | 64 ++++++++++++++++++++++++++++++++++++++++
debian/watch | 2 -
src/XvMC.c | 4 +-
9 files changed, 107 insertions(+), 12 deletions(-)
New commits:
commit 313569bf7cafe7a24c493ac07413632925581895
Author: Andreas Boll <andreas.boll.dev@gmail.com>
Date: Fri Oct 7 15:15:19 2016 +0200
Add placeholder comment into series file.
diff --git a/debian/changelog b/debian/changelog
index 33ad903..30f35bd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ libxvmc (2:1.0.10-1) UNRELEASED; urgency=medium
* Update d/upstream/signing-key.asc with Matthieu Herrb's key.
* Update a bunch of URLs in packaging to https.
* Remove Drew from Uploaders.
+ * Add placeholder comment into series file.
-- Andreas Boll <andreas.boll.dev@gmail.com> Fri, 07 Oct 2016 15:06:25 +0200
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..fdffa2a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+# placeholder
commit e1b176dd1cf1944e52949628621bab280e1f3d0f
Author: Andreas Boll <andreas.boll.dev@gmail.com>
Date: Fri Oct 7 15:11:03 2016 +0200
Remove Drew from Uploaders.
diff --git a/debian/changelog b/debian/changelog
index 14a8396..33ad903 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ libxvmc (2:1.0.10-1) UNRELEASED; urgency=medium
- Fixes CVE-2016-7953.
* Update d/upstream/signing-key.asc with Matthieu Herrb's key.
* Update a bunch of URLs in packaging to https.
+ * Remove Drew from Uploaders.
-- Andreas Boll <andreas.boll.dev@gmail.com> Fri, 07 Oct 2016 15:06:25 +0200
diff --git a/debian/control b/debian/control
index e99131c..eb2d444 100644
--- a/debian/control
+++ b/debian/control
@@ -2,8 +2,6 @@ Source: libxvmc
Section: x11
Priority: optional
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
-Uploaders:
- Drew Parsons <dparsons@debian.org>,
Build-Depends:
dpkg-dev (>= 1.16.1),
debhelper (>= 8.1.3),
commit 83dbc4c8e195735359af5e10f947995cb6b81639
Author: Andreas Boll <andreas.boll.dev@gmail.com>
Date: Fri Oct 7 15:09:48 2016 +0200
Update a bunch of URLs in packaging to https.
diff --git a/debian/changelog b/debian/changelog
index 949a41a..14a8396 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,7 @@ libxvmc (2:1.0.10-1) UNRELEASED; urgency=medium
* New upstream release.
- Fixes CVE-2016-7953.
* Update d/upstream/signing-key.asc with Matthieu Herrb's key.
+ * Update a bunch of URLs in packaging to https.
-- Andreas Boll <andreas.boll.dev@gmail.com> Fri, 07 Oct 2016 15:06:25 +0200
diff --git a/debian/control b/debian/control
index 82d96b7..e99131c 100644
--- a/debian/control
+++ b/debian/control
@@ -17,8 +17,8 @@ Build-Depends:
automake,
libtool
Standards-Version: 3.9.4
-Vcs-Git: git://git.debian.org/git/pkg-xorg/lib/libxvmc
-Vcs-Browser: http://git.debian.org/?p=pkg-xorg/lib/libxvmc.git
+Vcs-Git: https://anonscm.debian.org/git/pkg-xorg/lib/libxvmc.git
+Vcs-Browser: https://anonscm.debian.org/cgit/pkg-xorg/lib/libxvmc.git
Package: libxvmc1
Section: libs
@@ -36,7 +36,7 @@ Description: X11 Video extension library
non-existent.
.
More information about X.Org can be found at:
- <URL:http://www.X.org>
+ <URL:https://www.X.org>
.
This module can be found at
git://anongit.freedesktop.org/git/xorg/lib/libXvMC
@@ -59,7 +59,7 @@ Description: X11 Video extension library (debug package)
Non-developers likely have little use for this package.
.
More information about X.Org can be found at:
- <URL:http://www.X.org>
+ <URL:https://www.X.org>
.
This module can be found at
git://anongit.freedesktop.org/git/xorg/lib/libXvMC
@@ -84,7 +84,7 @@ Description: X11 Video extension library (development headers)
libxvmc1. Non-developers likely have little use for this package.
.
More information about X.Org can be found at:
- <URL:http://www.X.org>
+ <URL:https://www.X.org>
.
This module can be found at
git://anongit.freedesktop.org/git/xorg/lib/libXvMC
diff --git a/debian/copyright b/debian/copyright
index 0c3621b..b788d08 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,5 +1,5 @@
This package was downloaded from
-http://xorg.freedesktop.org/releases/individual/lib/
+https://xorg.freedesktop.org/releases/individual/lib/
Copyright (c) 2004 The Unichrome project. All rights reserved.
diff --git a/debian/watch b/debian/watch
index 16b3f5d..0c6b747 100644
--- a/debian/watch
+++ b/debian/watch
@@ -1,4 +1,4 @@
#git=git://anongit.freedesktop.org/xorg/lib/libXvMC
version=3
opts=pgpsigurlmangle=s/$/.sig/ \
-http://xorg.freedesktop.org/releases/individual/lib/ libXvMC-(.*)\.tar\.gz
+https://xorg.freedesktop.org/releases/individual/lib/ libXvMC-(.*)\.tar\.gz
commit d111b158d7d7c0ba5bcdfa49fa5188898cd6b212
Author: Andreas Boll <andreas.boll.dev@gmail.com>
Date: Fri Oct 7 15:07:19 2016 +0200
Update d/upstream/signing-key.asc with Matthieu Herrb's key.
diff --git a/debian/changelog b/debian/changelog
index e1de2eb..949a41a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ libxvmc (2:1.0.10-1) UNRELEASED; urgency=medium
* New upstream release.
- Fixes CVE-2016-7953.
+ * Update d/upstream/signing-key.asc with Matthieu Herrb's key.
-- Andreas Boll <andreas.boll.dev@gmail.com> Fri, 07 Oct 2016 15:06:25 +0200
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
index 863981f..a45df92 100644
--- a/debian/upstream/signing-key.asc
+++ b/debian/upstream/signing-key.asc
@@ -58,3 +58,67 @@ n4u1yrMJfpnSblPMu5wJi3kjoA+Dd5ZFqx9nTi4wBjfVYGCPsleq59K8kQCYx1Cn
lZcq630ITy9dB/aHCQry2gCbBwZ2Rsf9kr05S8uLhlwW3vRSvRs=
=tc6G
-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFeKY50BEADAX0lod3IVceb/IWJn3kTAcO2P7PWlcBiyUDaq5b2kFkliKleZ
+ec4LoCHakQBlkRBMPNwOOxvADNk3tLQjBDpbYr6lQIrN+AxMGkXBhJ82T3bsDvlj
+3Z1wRJ1zVA7eMIktsk0FAoJxV1y7e3sBKcP0eTlXqXvR2djhi+FW+ueJDAJIFSkb
+uFirgwtX5t8nt8jCmIl75KNUKOakoENY3hLWtr16W8fO1JGkEhghI2mXcz664KTd
+MPZp6JH0/8UHTHzmATOCTqNxoDtMTi2l5059Lh/nhmso9moTYqyKmaJP2rnZUr62
+97sRMG4WcxaYfWpPyO3MCmDyGeh4sW0OC06PpED3i9xMzf/kMkMdY4ZIFcLRcPtf
+LIJhw+lc/GE1Rqe961IB5xCgnZezB7ZIL+ZlOAMwKGkq7lLbcZr2QZn84lpABKF0
+AvxECoJ4etmIcdbDVmsw18AhA3u9sr98hS5IXDyeos3Xwz6Abml8aPrhqhkKvo+J
+Kcq9FNYHg0RRlos0TqocjDzGnUjEYrmIopLcwIu2SnsNSJTygZGtqrpT+2sGEqvm
+k6Oyk95QCa580zqldvxe3CG0vrAfPvoG7irllM68TS4JcqqDHTq6eupUv9ZdIzXf
+eyTHa5cytGahgVtUcui1lzqcCBkqwN8TKl+0wCcEnxRasHJy3A2Gp+AG3wARAQAB
+tCJNYXR0aGlldSBIZXJyYiA8bWF0dGhpZXVAaGVycmIuZXU+iQI+BBMBAgAoBQJX
+imOdAhsDBQkDwmcABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBoc5PuN9Eo
++PF1EACldzZPNYaC9H5E9sMn9pMsJTucBYVUy74Aw6MWAiAzRpxb9DmySmC2oEYW
+JJkwDTwv6M0Na0ed6zD79GKtAalORz2GppZpS7uoINClElWoM5TCYph6linyv9Wj
+OTlcbpX0Jqw0tdHNI2UOEjvBP3vW9kVYpEhfnHET8Ncp55j1hzoqxOhGIBE/67zc
+cLAenONAvA3YN3tHTGaOaFv+vuCFRJx9FpKbGHmdUPd3MtLqtaA4EQvDvDEholEI
+eWrjmdXJibSet6Amc5AIdFaQevZiADjjMh8MINw/6OEy9OB4s+z1RzgOrHgLiIZm
+dlP6WrNjXQwl2gmNPhctGaSHM+j2+3gckNGlI4LQYxNtKvI4iv/CoHDYmwgrcrZO
+TwFHfqt0LwqjpsU203Hw609oWYcxLeGZdITBjDz20UcfsmKQDqrBq3P1FuC5GBW3
+5bEa3wAhyE+/WKhJ94bXiHmpKsp50va3bEe17uQcYd8+E8L53aR7XP87qaHx//Mu
++OQa5Wc2d1OFHf1Mi62nbzr7pws/Mf7OSf/tnhRthuwtlfYnsUVo8usUKL/xStqo
+Ul4kc/Q81AlyaZfr7dbxsQWm2q3ksLaMaAxnk0p+kMXVzXZ9GKNOgUOJdbahORs5
+RU2f44xzfNavb63u3McADtaXskl+KHB4uDbGbGESVhm5PULk37QnTWF0dGhpZXUg
+SGVycmIgPG1hdHRoaWV1LmhlcnJiQGxhYXMuZnI+iQI+BBMBAgAoBQJXlJ63AhsD
+BQkDwmcABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBoc5PuN9Eo+PKID/wM
+II+2d11clp1X7eZgkxkAHUhI2W3NSesuFnjkkQRKQoVMokDdeSOkBhMJuWoFfbZk
+jYs2VHU9029rDqcoDSqGwo2IffvrXXJ4SjOTjlvXS1lr/H2VdWRbq8ImnDwSsoiD
+dWB3dZyqzf7ABKZ7ccA+NMSs6NxeEN/0+0sTJ386Zp480ByNX0uPqYSq5lX/VEke
+nI8r02u2ZfuykhGkT0sM013VprfYLa+6HvF+QT9KfP220mqRbonaDkYvCxwjCMzd
+rUmvyqw3VsooUpg/W/PmDNeShSuOxebaGnFyGTNvTarElCBdynFD01dqOecOqfY8
+gy+PJ1aF1qjmf+RQD/SZq+gvgyXqyBhJy7zgJnzzNWzDlUIw0ZOLyZxzFR7lRV79
+2mrGgczlQr5rLAgBy2pgwsCmP7nFx50r4ft2juugnQixoOBU/YfhBplM76EROaCc
+MTs5nPEqzJ9p4SNkPcK8AroR2Ka3+f7t+XOoHpx/XhJOBYlPaUmoFkWKr0Y8BWWh
+1nJxyFKrSNbwUgam8ypZzwzbI1vDiX8Ol6NpEeOLwzFNT0pyTdC9UN93M1VIyKWC
+1vaeMogUREKT6SmDjRn3fISktZ0IGVf2AnFMhtgZ46TJO4BZgDdZAjTkZc/lP0yF
+Nl6MpGwnaymmL50ckT77OdlfIcXFwvNPFwWlFPlcyrkCDQRXimOdARAA4otssvZm
+sKg+g0bVyJHhn/YOHLYMih+Xf07xJHyalH0UCGnGdHZwl0B97G950SwQ7yVXtGa9
+CAPe97clE6dPD6jaumQ13BHavXM+ThgjCe8V56ayYcdzqFkxlCx0Uocoa63G0/cE
+TiOqeqhNZs8JY+D7l83jCa4lU/1pLusbkCpCQ7d5/FFLz7QSihzJWp+UTsjbNik5
+spaseEMGFRKUcB3SZ/l1dTgc0wBQ1hlvLX+h4/sG0iUs1pVpo5ORC+bUfWRokl96
+uj5QZz5rY21FaNSP1rB1HKHNkwhxifBCHQMhYGTXvD7GH+JNyF2TdRmo7eBCfAPJ
+aP3mX9t2SkCipdSsUs+Uuyib9MLA71ApW90AGiRm6HtOCxR0c3+qQRNIdFVm8mnM
+hCxXRexf6Z2wZdXXy6uY0LVRgI0o31NPJPk8l2Hnb/kHGxjyUFzEWh65J/eA368d
+4m8uF+Rr7WWlpQjwgWHU12kGThEVFFBFh2gmeIjYZdDDVhCi2mQ6lGSV2Pt7pZYL
+/PPChWLBqrVBkIUQ0GV22nRYvGdaIv2LVPu8PggbPs/wwh35nJ3rUQyJF55CFV5y
+WIWAWXfRYTKG9jkt+ncjZLEBxDO26zzO/MjIVPZxGyYryXEOgr6xp38xbyX9FpjL
+KBaIueLWEyphVjBb1uUpDGx+UDYe9vbJjPUAEQEAAYkCJQQYAQIADwUCV4pjnQIb
+DAUJA8JnAAAKCRBoc5PuN9Eo+D8dEACa60Q3ta6BWyHG0SOgfYGHE15LodACVHNI
+N6Ou+JtmLarMW/AvPclNC25mxZV0ywLbun4CnJ9qYbt/Kx7djn48mrNa0rKN8Q+V
+K5RvQA1kD890yzwu5jH6r5BQ8VBcfsPvsvatgbquzFn+NNiH9U4xRf/9BSY2Zk3G
+yA15xG0T9zoklOMg8MWbeRaJPkDELyaHPWerbO7rebynePENSFPz3o3g+K9WcCM2
+xkEL571SmT4z3Mp/p0pwemWBCP2WoKCnSjAGiiHpCFru3SlZhRIvNJyK5jeS/IU6
+d5qeTBse6TXzp6Q4xkzACIN66P5SG/YY3/ONbfs6wB3lIkvVC9n7jEXjMK1T0fK8
+9DBDjzvAkJcKLLuIljjkMhRWSCED74sn+MlaWm0xMeo276EnaVILNcrHecSr8+eX
+pVXSWEJ1+ErzZladJC+CrqUm0QljPV8Smtmk9MvOLHZ4qL4bI4Hu7MywuGNrLSol
+qO0pAT1AjaYTRuH2MhZ6mJe/EtSl0EHXEkcDteE4jbYj3lwVhA1c/So0CdayImmD
+/0tdqUfekw4va8PpbQ0wroL0XUvf3wl6HOhFhahWSqqb1fVr2slVttkaMb8M4MPt
+Ka2m4qiiuGYivPIAVapSEA4DYc+krVqVXV/yDd3T7XcNtnClVo+rmOn5WiGq24am
+79+hF4bWyw==
+=WW1Z
+-----END PGP PUBLIC KEY BLOCK-----
commit 80f5f593e701e07db77491860159bae761b51e9b
Author: Andreas Boll <andreas.boll.dev@gmail.com>
Date: Fri Oct 7 15:06:59 2016 +0200
Bump changelogs
diff --git a/ChangeLog b/ChangeLog
index 6993e6e..e2f2f06 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,24 @@
+commit 44a462835cbe263451a463af17f0fbedc1c957b2
+Author: Matthieu Herrb <matthieu.herrb@laas.fr>
+Date: Tue Oct 4 22:09:12 2016 +0200
+
+ libXvMC 1.0.10
+
+ Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
+
+commit 2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Sun Sep 25 22:34:27 2016 +0200
+
+ Avoid buffer underflow on empty strings.
+
+ If an empty string is received from an x-server, do not underrun the
+ buffer by accessing "rep.nameLen - 1" unconditionally, which could end
+ up being -1.
+
+ Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+ Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
+
commit ab0d28935987d48e9359023e82f9d56aa7e4bc95
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sat Mar 14 10:10:05 2015 -0700
diff --git a/debian/changelog b/debian/changelog
index d86a006..e1de2eb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+libxvmc (2:1.0.10-1) UNRELEASED; urgency=medium
+
+ * New upstream release.
+ - Fixes CVE-2016-7953.
+
+ -- Andreas Boll <andreas.boll.dev@gmail.com> Fri, 07 Oct 2016 15:06:25 +0200
+
libxvmc (2:1.0.9-1) unstable; urgency=medium
* New upstream release.
commit 44a462835cbe263451a463af17f0fbedc1c957b2
Author: Matthieu Herrb <matthieu.herrb@laas.fr>
Date: Tue Oct 4 22:09:12 2016 +0200
libXvMC 1.0.10
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
diff --git a/configure.ac b/configure.ac
index 01f286f..c0b87c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@
# Initialize Autoconf
AC_PREREQ([2.60])
-AC_INIT([libXvMC], [1.0.9],
+AC_INIT([libXvMC], [1.0.10],
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXvMC])
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_HEADERS([config.h])
commit 2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sun Sep 25 22:34:27 2016 +0200
Avoid buffer underflow on empty strings.
If an empty string is received from an x-server, do not underrun the
buffer by accessing "rep.nameLen - 1" unconditionally, which could end
up being -1.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
diff --git a/src/XvMC.c b/src/XvMC.c
index 7336760..3ee4212 100644
--- a/src/XvMC.c
+++ b/src/XvMC.c
@@ -576,9 +576,9 @@ Status XvMCGetDRInfo(Display *dpy, XvPortID port,
if (*name && *busID && tmpBuf) {
_XRead(dpy, tmpBuf, realSize);
strncpy(*name,tmpBuf,rep.nameLen);
- (*name)[rep.nameLen - 1] = '\0';
+ (*name)[rep.nameLen == 0 ? 0 : rep.nameLen - 1] = '\0';
strncpy(*busID,tmpBuf+rep.nameLen,rep.busIDLen);
- (*busID)[rep.busIDLen - 1] = '\0';
+ (*busID)[rep.busIDLen == 0 ? 0 : rep.busIDLen - 1] = '\0';
XFree(tmpBuf);
} else {
XFree(*name);
Reply to: