Ubuntu
libav package

October 2012 libav security tracking bug

Bug #1075593 reported by Marc Deslauriers
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libav (Ubuntu)
Fix Released
Medium
Reinhard Tartler
Oneiric
Invalid
Medium
Marc Deslauriers
Precise
Fix Released
Medium
Marc Deslauriers
Quantal
Fix Released
Medium
Marc Deslauriers
Raring
Fix Released
Medium
Reinhard Tartler

Bug Description

This is a bug to track the October 2012 libav security updates:

- 0.8.4 so far:

    CVE-2012-2772
    CVE-2012-2775
    CVE-2012-2776
    CVE-2012-2777
    CVE-2012-2779
    CVE-2012-2784
    CVE-2012-2786
    CVE-2012-2787
    CVE-2012-2788
    CVE-2012-2789
    CVE-2012-2790
    CVE-2012-2793
    CVE-2012-2794
    CVE-2012-2796
    CVE-2012-2798
    CVE-2012-2800
    CVE-2012-2801
    CVE-2012-2802

Marc Deslauriers (mdeslaur)
Changed in libav (Ubuntu Oneiric):
status: New → Confirmed
Changed in libav (Ubuntu Precise):
status: New → Confirmed
Changed in libav (Ubuntu Quantal):
status: New → Confirmed
Changed in libav (Ubuntu Raring):
status: New → Confirmed
Changed in libav (Ubuntu Oneiric):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libav (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libav (Ubuntu Quantal):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libav (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in libav (Ubuntu Precise):
importance: Undecided → Medium
Changed in libav (Ubuntu Quantal):
importance: Undecided → Medium
Changed in libav (Ubuntu Raring):
assignee: nobody → Reinhard Tartler (siretart)
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libav - 4:0.8.4-0ubuntu0.12.04.1

---------------
libav (4:0.8.4-0ubuntu0.12.04.1) precise-security; urgency=low

  * Update to 0.8.4 to fix multiple security issues. (LP: #1075593)
    - CVE-2012-2772
    - CVE-2012-2775
    - CVE-2012-2776
    - CVE-2012-2777
    - CVE-2012-2779
    - CVE-2012-2784
    - CVE-2012-2786
    - CVE-2012-2787
    - CVE-2012-2788
    - CVE-2012-2789
    - CVE-2012-2790
    - CVE-2012-2793
    - CVE-2012-2794
    - CVE-2012-2796
    - CVE-2012-2798
    - CVE-2012-2800
    - CVE-2012-2801
    - CVE-2012-2802
 -- Marc Deslauriers <email address hidden> Tue, 06 Nov 2012 11:03:10 -0500

Changed in libav (Ubuntu Precise):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libav - 6:0.8.4-0ubuntu0.12.10.1

---------------
libav (6:0.8.4-0ubuntu0.12.10.1) quantal-security; urgency=low

  * Update to 0.8.4 to fix multiple security issues. (LP: #1075593)
    - CVE-2012-2772
    - CVE-2012-2775
    - CVE-2012-2776
    - CVE-2012-2777
    - CVE-2012-2779
    - CVE-2012-2784
    - CVE-2012-2786
    - CVE-2012-2787
    - CVE-2012-2788
    - CVE-2012-2789
    - CVE-2012-2790
    - CVE-2012-2793
    - CVE-2012-2794
    - CVE-2012-2796
    - CVE-2012-2798
    - CVE-2012-2800
    - CVE-2012-2801
    - CVE-2012-2802
  * Removed upstreamed patches:
    - 0001-h264-allow-cropping-to-AVCodecContext.width-height.patch
    - 0002-mov-set-AVCodecContext.width-height-for-h264.patch
 -- Marc Deslauriers <email address hidden> Tue, 06 Nov 2012 10:29:38 -0500

Changed in libav (Ubuntu Quantal):
status: Confirmed → Fix Released
artur bryczek (arturbryczek)
Changed in libav (Ubuntu Oneiric):
status: Confirmed → Fix Committed
Changed in libav (Ubuntu Raring):
status: Confirmed → Fix Committed
Revision history for this message
Karma Dorje (taaroa) wrote :

artur bryczek, please don't change this bug's status without an explanation. Thanks.

Changed in libav (Ubuntu Oneiric):
status: Fix Committed → Confirmed
Changed in libav (Ubuntu Raring):
status: Fix Committed → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libav - 6:0.8.4-0ubuntu1

---------------
libav (6:0.8.4-0ubuntu1) raring-proposed; urgency=low

  * No change rebuild for raring

libav (6:0.8.4-0ubuntu0.12.10.1) quantal-security; urgency=low

  * Update to 0.8.4 to fix multiple security issues. (LP: #1075593)
    - CVE-2012-2772
    - CVE-2012-2775
    - CVE-2012-2776
    - CVE-2012-2777
    - CVE-2012-2779
    - CVE-2012-2784
    - CVE-2012-2786
    - CVE-2012-2787
    - CVE-2012-2788
    - CVE-2012-2789
    - CVE-2012-2790
    - CVE-2012-2793
    - CVE-2012-2794
    - CVE-2012-2796
    - CVE-2012-2798
    - CVE-2012-2800
    - CVE-2012-2801
    - CVE-2012-2802
  * Removed upstreamed patches:
    - 0001-h264-allow-cropping-to-AVCodecContext.width-height.patch
    - 0002-mov-set-AVCodecContext.width-height-for-h264.patch
 -- Jamie Strandboge <email address hidden> Fri, 16 Nov 2012 12:39:50 -0600

Changed in libav (Ubuntu Raring):
status: Confirmed → Fix Released
Marc Deslauriers (mdeslaur)
Changed in libav (Ubuntu Oneiric):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.