[libav-stable] h264: check for luma and chroma bit dept being equal

Reinhard Tartler siretart at gmail.com
Sat Mar 9 18:16:01 CET 2013


On Wed, Mar 6, 2013 at 4:13 PM, Luca Barbato <git at libav.org> wrote:
> Module: libav
> Branch: master
> Commit: 4987faee78b9869f8f4646b8dd971d459df218a5
>
> Author:    Luca Barbato <lu_zero at gentoo.org>
> Committer: Luca Barbato <lu_zero at gentoo.org>
> Date:      Mon Mar  4 11:21:08 2013 +0100
>
> h264: check for luma and chroma bit dept being equal
>
> The decoder assumes a single bit depth for all the planes
> while the specification allows different bit depths for luma
> and chroma.
>
> Avoid the possible problems described in CVE-2013-2277
>
> CC: libav-stable at libav.org
>

This patch applies cleanly to release/9, but not to release/0.8. Luca,
can you confirm that release/0.8 is not affected, or can you provide a
patch that applies to 0.8?

Thanks!

-- 
regards,
    Reinhard


More information about the libav-stable mailing list