Debian Patches
Status for libtheora/1.2.0~alpha1+dfsg-6
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Remove-non-DFSG-commpliant-RFCs.patch | Remove non-DFSG commpliant RFCs | John Ferlito <johnf@inodes.org> | no | debian | 2009-12-12 | |
| 0002-player-example-needs-lm-for-rint.patch | player-example needs -lm for rint() | Simon McVittie <smcv@debian.org> | no | debian | 2014-11-10 | |
| 0003-latex.patch | Use the float latex package in the spec. Newer texlive distributions require \usepackage{float} for the [H] figure layout directive. We use this to make sure the header layout figures are at the top of their respective sections for conventional reference like in an RFC, so requiring the additional package is safer than falling back to standard latex [h] or [!h]. Note that [H] from the float package is incompatible with fallback specifiers. The configure script will automatically check for the new package. |
Ralph Giles <giles@mozilla.com> | no | debian | backport, https://git.xiph.org/?p=theora.git;a=commitdiff;h=fbb275803696085225c310773474ef4dcf8a4528 | 2015-09-22 |
| 0004-libpng16.patch | Fix build problem with libpng16. Backport fix from upstream to use sizeof() instead of png_sizeof(). |
Tristan Matthew <le.businessman@gmail.com> | no | debian | backport, https://git.xiph.org/?p=theora.git;a=commitdiff;h=7288b539c52e99168488dc3a343845c9365617c8 | 2024-12-29 |
| 0005-drop-inter-library-dep.patch | Made sure libtheoraenc do not need libtheoradec. Added info.c to libtheoraenc source and dropped library dependency on libtheoradec. Addresses issue reported in https://bugs.debian.org/923940 about some symbols being unresolved. |
petterreinholdtsen <pere@hungry.com> | not-needed | debian | https://gitlab.xiph.org/xiph/theora/-/commit/14045376ee6897f20f6bb9815f246172da748e50 | 2025-03-16 |
| 0006-CVE-2024-56431.patch | Avoid negative bit shift operatoin in huffdec.c (CVE-2024-56431). A crash was discovered using input fuzzying, in th_decode_ceaderin() where the len value in the oc_fuff_tree_unpack() can end up as -1. Added a check to ensure this do not happen. Based on feedback from Timothy B. Terriberry. The issue was discovered using gcc sanitazion, which reported the following: huffdec.c:228:27: runtime error: shift exponent -1 is negative #0 0x5d471012bfd0 in oc_huff_tree_unpack /home/uos/libtheora-18570/theora/lib/huffdec.c:228 #1 0x5d471012c134 in oc_huff_trees_unpack /home/uos/libtheora-18570/theora/lib/huffdec.c:392 #2 0x5d471010a98c in oc_setup_unpack /home/uos/libtheora-18570/theora/lib/decinfo.c:169 #3 0x5d471010a98c in oc_dec_headerin /home/uos/libtheora-18570/theora/lib/decinfo.c:238 #4 0x5d471010a98c in th_decode_headerin /home/uos/libtheora-18570/theora/lib/decinfo.c:266 #5 0x5d47100fd638 in TheoraDecoder::initialize() /home/uos/libtheora-18570/libtheora-18570/fuzzer.cpp:66 #6 0x5d47100ffa76 in TheoraDecoder::Run() /home/uos/libtheora-18570/libtheora-18570/fuzzer.cpp:180 #7 0x5d47100ffe48 in main /home/uos/libtheora-18570/libtheora-18570/fuzzer.cpp:240 #8 0x7cc9a5e29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 #9 0x7cc9a5e29e3f in __libc_start_main_impl ../csu/libc-start.c:392 #10 0x5d47100f9964 in _start (/home/uos/libtheora-18570/libtheora-18570/poc1+0x83964) Fixes github pull request #19. |
Petter Reinholdtsen <pere@debian.org> | not-needed | debian | https://gitlab.xiph.org/xiph/theora/-/commit/5665f86b8fd8345bb09469990e79221562ac204b | 2025-03-16 |
All known versions for source package 'libtheora'
- 1.2.0+dfsg-4 (experimental)
- 1.2.0~alpha1+dfsg-6 (trixie, sid)
- 1.1.1+dfsg.1-16.1 (bookworm)
- 1.1.1+dfsg.1-15 (bullseye)