-
libav (6:11.12-1~deb8u1) jessie-security; urgency=medium
* New upstream release.
- smacker: add sanity check for length in smacker_decode_tree()
(CVE-2017-16803)
-- Sebastian Ramacher <email address hidden> Sun, 18 Feb 2018 21:20:56 +0100
-
libav (6:11.11-1~deb8u1) jessie-security; urgency=medium
* Non-maintainer upload by the Security Team.
* New upstream release fixing multiple security issues.
- dfa: Disallow odd width/height and add proper bounds check for DDS1 chunks
(CVE-2017-9992)
- pictor: Correctly check frame dimensions (CVE-2017-7862)
- h264_cavlc: check the value of run_before
- dvbsubdec: improve error checking
- dvbsubdec: Fixed segfault when decoding subtitles
- rmdec: don't ignore the return value of av_get_packet()
- caf: add an Opus tag
- yadif: Account for the buffer alignment while processing the frame edges
- mov: log and return early on non-positive stsd entry counts
- arm: Fix SIGBUS on ARM when compiled with binutils 2.29
- smacker: return meaningful error codes on failure
- smacker: fix integer overflow with pts_inc
- mm: Skip unexpected audio packets
- aacsbr: Turnoff in the event of over read.
- smacker: Check that the data size is a multiple of a sample vector
(CVE-2015-8365)
- build: Add an option for passing linker flags to the shared library build
- flv: Validate the packet size
- mjpeg: Report non-3 component rgb lossless as not supported
- vc1dec: raise an error if sprite picture data is missing
- doc: Drop the legacy symlink to README
-- Hugo Lefeuvre <email address hidden> Sat, 21 Oct 2017 15:08:38 +0200
-
libav (6:11.9-1~deb8u1) jessie-security; urgency=medium
* New upstream release.
- mpegvideo_parser: avoid signed overflow in bitrate calculation.
(CVE-2016-9821)
- mpeg12dec: avoid signed overflow in bitrate calculation. (CVE-2016-9822)
* debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch:
Removed, included upstream.
-- Sebastian Ramacher <email address hidden> Sun, 23 Apr 2017 18:36:31 +0200
-
libav (6:11.8-1~deb8u1) jessie-security; urgency=medium
* New upstream release.
* debian/upstream-signing-key.pgp: Update upstream signing key.
* debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch:
Fix NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx. (CVE-2016-7424)
-- Sebastian Ramacher <email address hidden> Sat, 24 Sep 2016 15:23:39 +0200
-
libav (6:11.7-1~deb8u1) jessie-security; urgency=medium
* New upstream release fixing a security issue.
- mov: Check the entries value when parsing dref boxes (CVE-2016-3062)
* debian/patches/CVE-2016-2326.patch: Removed, included upstream.
-- Sebastian Ramacher <email address hidden> Sun, 12 Jun 2016 11:36:21 +0200
-
libav (6:11.6-1~deb8u1) jessie-security; urgency=medium
* New upstream release fixing multiple security issues.
- concat: disable by default (CVE-2016-1897, CVE-2016-1898)
- aac_parser: add required padding for GetBitContext buffer
- ac3_parser: add required padding for GetBitContext buffer
- imc: add required padding for GetBitContext buffer
- h263: Always check both dimensions
- opusdec: properly handle mismatching configurations in multichannel
streams
- mov: Correctly allocate ctts_data
- aac: Wait to know the channels before allocating frame
- rtpdec_asf: Check memory allocation and free memory on error
- jack: Check memory allocation
- mov: Check memory allocation
- mkv: Correctly report the latest packet had been flushed
- aic: Fix slice size computation for widths multiples of 32 macroblocks
- webp: Make sure enough bytes are available
- g726: Do not crash on user mistake
- bytestream2: set the reader to the end when reading more than available
- vp7: bound checking in vp7_decode_frame_header
- mux: Make sure that the data is actually written
- file: properly forward errors from file_read() and file_write()
- mmvideo: Make sure the rle does not write over the frame boundaries
- opus: Buffer the samples from the correct offset
- nut: Use the correct codec_tag when multiple are available
- truemotion2: Fix the buffer check
- mimic: Always return on failure
- msnwc_tcp: Correctly report failure
- rpza: Check the blocks left before processing one
- dvdsubdec: Validate the RLE offsets
- avi: Validate the stream-id for DV as well
- mov: Use the correct type for size
* debian/confflags: Force --disable-protocol=concat.
* debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts.
(CVE-2016-2326)
-- Sebastian Ramacher <email address hidden> Wed, 02 Mar 2016 23:13:43 +0100
-
libav (6:11.4-1~deb8u1) jessie-security; urgency=high
[ Sebastian Ramacher ]
* New upstream release fixing multiple security issues.
- h264: Make sure reinit failures mark the context as not initialized
(CVE-2015-3417)
- msrle: Use FFABS to determine the frame size in msrle_decode_pal4
(CVE-2015-3395)
- cavs: Remove an unneeded scratch buffer
- configure: Disable i686 for i586 and lower CPUs (debian/783082)
- mjpegenc: Fix JFIF header byte ordering (bug/808)
- nut: Make sure to clean up on read_header failure
- png: Set the color range as full range
- avi: Validate sample_size
- nut: Check chapter creation in decode_info_header
- alac: Reject rice_limit 0 if compression is used
- ape: Support _0000 files with nblock smaller than 64
- mux: Do not leave stale side data pointers in ff_interleave_add_packet()
- avresample: Reallocate the internal buffer to the correct size (bug/825)
- mpegts: Update the PSI/SI table only if the version change
- rtsp: Make sure we don't write too many transport entries into a
fixed-size array
- rtpenc_jpeg: Handle case of picture dimensions not dividing by 8
- mov: Fix little endian audio detection
- x86: Put COPY3_IF_LT under HAVE_6REGS (gentoo/541930)
- roqvideoenc: set enc->avctx in roq_encode_init
- mp3: Properly use AVCodecContext API
- libvpx: Fix mixed use of av_malloc() and av_reallocp()
- Revert "lavfi: always check av_expr_parse_and_eval() return value"
- alsdec: only adapt order for positive max_order
- alsdec: check sample pointer range in revert_channel_correlation
- aacpsy: correct calculation of minath in psy_3gpp_init
- alsdec: limit avctx->bits_per_raw_sample to 32
- aasc: return correct buffer size from aasc_decode_frame
- matroskadec: fix crash when parsing invalid mkv
- avconv: do not overwrite the stream codec context for streamcopy
- webp: ensure that each transform is only used once
- h264_ps: properly check cropping parameters against overflow
- hevc: zero the correct variables on invalid crop parameters
- hevc: make the crop sizes unsigned
[ Reinhard Tartler]
* drop 01-configure-disable-i686-for-i586
-- Sebastian Ramacher <email address hidden> Mon, 01 Jun 2015 11:12:42 +0200
-
libav (6:11.3-1+deb8u1) jessie; urgency=medium
* Fix use of illegal instruction on i586. (Closes: #783082)
- debian/confflags: Pass correct value to --cpu. Thanks to Bernhard
Übelacker for the patch.
- debian/patches:
+ 01-configure-disable-i686-for-i586.patch: Upstream patch to disable
i686 instructions on i586.
+ 02-configure-disable-ebx-gcc-4.9.patch: Workaround build failure with
gcc 4.9 and newer by disabling the use of ebx in handwritten assembler
code. Thanks to Bernhard Übelacker for the initial patch.
-- Sebastian Ramacher <email address hidden> Tue, 05 May 2015 21:59:47 +0200
-
libav (6:11.3-1) unstable; urgency=medium
* New upstream release fixing multiple security issues.
- utvideodec: Handle slice_height being zero (CVE-2014-9604)
- adxdec: set avctx->channels in adx_read_header
- rmenc: limit packet size
- webp: validate the distance prefix code
- rv10: check size of s->mb_width * s->mb_height
- eamad: check for out of bounds read (CID/1257500)
- mdec: check for out of bounds read (CID/1257501)
- configure: Properly fail when libcdio/cdparanoia is not found
- tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544)
- aic: Fix decoding files with odd dimensions
- vorbis: Check the vlc value in setup_classifs
- arm: Suppress tags about used cpu arch and extensions
- prores: Extend the padding check to 16bit
- icecast: Do not use chunked post, allows feeding to icecast properly
- img2dec: correctly use the parsed value from -start_number
- h264_cabac: Break infinite loops
- hevc_deblock: Fix compilation with nasm (libav #795)
- h264: initialize H264Context.avctx in init_thread_copy
- h264: Do not share rbsp_buffer across threads
- h264: only ref cur_pic in update_thread_context if it is initialized
- matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266)
- log: Unbreak no-tty support on 256color terminals
-- Sebastian Ramacher <email address hidden> Fri, 13 Mar 2015 23:27:25 +0100
-
libav (6:11.2-1) unstable; urgency=medium
* New upstream release fixing multiple security issues. (Closes: #773626)
- h264: restore a block mistakenly removed in e10fd08a
- on2avc: check number of channels (CVE-2014-8549)
- smc: fix the bounds check (CVE-2014-8548)
- gifdec: refactor interleave end handling (CVE-2014-8547)
- mmvideo: check frame dimensions (CVE-2014-8543)
- jvdec: check frame dimensions (CVE-2014-8542)
- mjpegdec: check for pixel format changes (CVE-2014-8541)
- mov: avoid a memleak when multiple stss boxes are present
- vc1: Do not assume seek happens after decoding
- avconv: Use the mpeg12 private option scan_offset (Closes: #773055)
- xsub: Support DXSA subtitles
- mp3dec: fix reading the Xing tag
- matroskaenc: write correct Display{Width, Height} in stereo encoding
- configure: Fix enabling memalign_hack automatically
- mp3enc: fix a triggerable assert
- latm: Do not give a score for a single instance
- mp3: Tweak the probe scores
- matroskaenc: write correct Display{Width, Height} in stereo encoding
- coverity: Fix most of the reported warnings and issues
* debian/control: Add myself to Uploaders.
-- Sebastian Ramacher <email address hidden> Sat, 17 Jan 2015 20:56:19 +0100
-
libav (6:11.1-1) unstable; urgency=medium
* Team upload.
* Upload to unstable.
-- Sebastian Ramacher <email address hidden> Tue, 30 Dec 2014 17:08:42 +0100
-
libav (6:11-2) unstable; urgency=medium
* add patches post v11 release, all of which will be included in the
next point release:
- 0001-apetag-Fix-APE-tag-size-check.patch
- 0002-Update-default-FATE-URL-for-release-11.patch
- 0003-h264-Always-invoke-the-get_format-callback.patch
- 0004-mpeg12-Always-invoke-the-get_format-callback.patch
- 0005-hevc-Initialize-mergecand_list-to-0.patch
- 0006-h264-reset-ret-to-avoid-propagating-minor-failures.patch
- 0007-hevc_mvs-initialize-the-temporal-MV-in-case-of-missi.patch
- 0008-hevc_mvs-make-sure-to-always-initialize-the-temporal.patch
- 0009-imc-fix-order-of-operations-in-coefficients-read.patch
- 0010-resample-Avoid-off-by-1-errors-in-PTS-calcs.patch
-- Reinhard Tartler <email address hidden> Sun, 19 Oct 2014 16:18:48 -0400
-
libav (6:11-1) unstable; urgency=low
* Upload final 11 release
- matroskadec: parse stereo mode on decoding (Closes: #757185)
-- Reinhard Tartler <email address hidden> Sat, 13 Sep 2014 15:36:38 -0400
-
libav (6:11~beta1-2) unstable; urgency=medium
[ Reinhard Tartler ]
* Make libavcodec-dev depend on libavresample-dev
[ Rico Tzschichholz ]
* Some fixes and leftovers from soname bumps
-- Reinhard Tartler <email address hidden> Sat, 30 Aug 2014 11:02:45 -0400
-
libav (6:10.4-1) unstable; urgency=medium
* New Upstream Release v10.3
- mpegts: Do not try to write a PMT larger than SECTION_SIZE
(CVE-2014-2263)
- mpegts: Define the section length with a constant
- ffv1dec: check that global parameters do not change in version 0/1
(CVE-2013-7020)
- h264: fix interpretation of interleaved stereo modes
- svq1: do not modify the input packet
- cdgraphics: do not return 0 from the decode function
- cdgraphics: switch to bytestream2 (CVE-2013-3674)
- jpeg2000: enable 4 component pixel formats
- stereo3d: add missing include guards
- huffyuvdec: check width size for yuv422p (CVE-2013-0848)
- mmvideo: check horizontal coordinate too (CVE-2013-3672)
- wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
* build against libgnutls28-dev (Closes: #758447)
-- Reinhard Tartler <email address hidden> Sun, 17 Aug 2014 21:55:47 -0400
-
libav (6:10.3-1) unstable; urgency=medium
* New Upstream Release v10.3
- huffyuv: Check and propagate function return values (CVE-2013-0868)
- h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
- pgssubdec: Check RLE size before copying (CVE-2013-0852)
- video4linux2: Avoid a floating point exception
- vf_select: Drop a debug av_log with an unchecked double to enum conversion
- librtmp: Don't free the temp url at the end of rtmp_open
- arm: Avoid using the 'setend' instruction on ARMv7 and newer
- avplay: Handle pixel aspect ratio properly
- eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
- pg2meet: allow size changes within original sizes
- af_compand: make sure request_frame always outputs at least one frame
-- Reinhard Tartler <email address hidden> Sun, 03 Aug 2014 22:30:41 -0400
-
libav (6:10.2-2) unstable; urgency=low
[ Reinhard Tartler ]
* Fixed typo in debian/NEWS (Closes: #753453)
[ Stefan Lippers-Hollmann ]
* libavcodec-extra: declare as Section: metapackages (Closes: #747921)
-- Reinhard Tartler <email address hidden> Sun, 20 Jul 2014 14:57:15 -0400
-
libav (6:10.2-1) unstable; urgency=high
* Bumping severity for critical LZO security issue.
* New Upstream Release v10.2
- aarch64: Use the correct syntax for relocations (Closes: #751856,
- LP: #1323144)
- ppc: Fix compilation for ppc64le (ELFv2) (LP: #1263802)
- avconv: make -shortest work with streamcopy
- lzo: Handle integer overflow (Reported by Don A. Bailey)
- Check if an mp3 header is using a reserved sample rate.
- Check mp3 header before calling avpriv_mpegaudio_decode_header().
- jpeg2000: fix dereferencing invalid pointers during cleanup
- avpacket: fix copying side data in av_packet_copy_props()
- oggenc: Set the right AVOption size for the pref_duration option
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- adpcm: Write the proper predictor in trellis mode in IMA QT
* No longer build avserver (Closes: #734335)
* Clarify licensing in debian/copyright (Closes: #698019)
-- Reinhard Tartler <email address hidden> Fri, 27 Jun 2014 22:23:32 -0400
-
libav (6:10.1-1) unstable; urgency=low
* New upstream release 10:
- pcm-dvd: Fix 20bit decoding (bug/592)
- avi: Improve non-interleaved detection (bug/666)
- arm: hpeldsp: fix put_pixels8_y2_{,no_rnd_}armv6
- arm: hpeldsp: prevent overreads in armv6 asm (bug/646)
- avfilter: Add missing emms_c when needed
- rtmpproto: Check the buffer sizes when copying app/playpath strings
- swscale: Fix an undefined behaviour
- vp9: Read the frame size as unsigned
- dcadec: Use correct channel count in stereo downmix check
- dcadec: Do not decode the XCh extension when downmixing to stereo
- matroska: add the Opus mapping
- matroskadec: read the CodecDelay element
- rtmpproto: Make sure to pass on the error code if read_connect failed
- lavr: allocate the resampling buffer with a positive size
- mp3enc: Properly write bitrate value in XING header (Closes: #736088)
- golomb: Fix the implementation of get_se_golomb_long
* Drop debian/libav-tools.maintscript. ffserver is no longer found in
stable, and this seems to cause other problems today (Closes: #742676)
-- Reinhard Tartler <email address hidden> Sun, 11 May 2014 12:28:45 -0400
-
libav (6:9.13-1) unstable; urgency=medium
* New upstream release 9.13:
- swscale: Fix an undefined behaviour
- matroska: add the Opus mapping
- mp3enc: Properly write bitrate value in XING header (Closes: #736088)
- origin/pu/9 oggdec: add support for Opus in Ogg demuxing
(Fixes: libav/603, Closes: #720563)
- apedec: do not buffer decoded samples over AVPackets (Closes: #744901)
- isom: lpcm in mov default to big endian
- movdec: handle 0x7fff langcode as macintosh per the specs
- h264: reset next_output_pic earlier in start_frame()
(Fixes: libav/672, Closes: #741240, LP: #1288206)
- rtmpproto: Make sure to pass on the error code if read_connect failed
- lavr: allocate the resampling buffer with a positive size
- tiffdec: use bytestream2 to simplify overread/overwrite protection
- resample: fix avresample_get_delay() return value
- avi: Improve non-interleaved detection (Fixes: libav/666)
- af_channelmap: fix ONE_STR mapping mode
- movenc: allow override of "writing application" tag
- matroskaenc: allow override of "writing application" tag
- avfilter: Add missing emms_c when needed
- build: Use pkg-config for openjpeg (Fixes: libav/387)
- mpeg12: check scantable indices in all decode_block functions
- sgidec: fix buffer size check in expand_rle_row()
- adx: check that the offset is not negative
- mpegvideo: set reference/pict_type on generated reference frames
- h264: Fix various crashes found in samples pointed by Mateusz
"j00ru" Jurczyk and Gynvael Coldwind - Thanks!
* Rebuild is reported to fix vaapi, Closes: #745655
* Fix invocation of dpkg-maintscript helper, LP: #1315672
* cleanup leftovers of the former libav-source package
* Simplify listing packages with dh_listpackage
* Drop transitional arch:all -extra- packages
* Bump standards version to 3.9.5, no changes needed
-- Reinhard Tartler <email address hidden> Sun, 04 May 2014 16:11:03 -0400
-
libav (6:9.11-3) unstable; urgency=low
* Add upstream patch to enable PIC on s390(x), Closes: #726733
-- Reinhard Tartler <email address hidden> Wed, 05 Mar 2014 02:49:52 +0000
-
libav (6:9.11-1) unstable; urgency=low
* Imported Upstream version 9.11
- drop patch mathematics-remove-asserts-from-av_rescale_rnd.patch,
merged upstream
- mathematics: remove asserts from av_rescale_rnd, (Closes: #718805)
* Support Opus in Ogg containers (Closes: #733884, 720563)
* Refactor conffile moving
* No longer build-depend on libtiff4-dev. Closes: #736020
* Disable opencv filter because of #737584
* Check upstream OpenPGP signatures (Closes: #723692)
-- Reinhard Tartler <email address hidden> Wed, 05 Feb 2014 00:24:42 +0000
-
libav (6:9.10-2) unstable; urgency=low
[ Fabian Greffrath ]
* Fix upstream changelog link in previous changelog entry.
* Transition from the "texi2html" utility to the "makeinfo" utility from the
texinfo package, fixes build-depends-on-obsolete-package lintian error and
addresses <https://lists.debian.org/debian-devel/2013/05/msg01516.html>.
* debhelper (>= 9) is now available in stable and old-bpo.
* Use "set -e" in the body of the libav-tools maintainer scripts.
* Fix vcs-field-not-canonical lintian warning.
* Set executable permissions for qt-faststart, fixes unstripped-binary-or-object
lintian warning.
* Fix some spelling errors detected by lintian.
[ Reinhard Tartler ]
* compile against libtiff5-dev
* Drop some special code paths for building the ubuntu flavor
(no longer necessary over there)
-- Reinhard Tartler <email address hidden> Sun, 03 Nov 2013 08:35:04 -0500
-
libav (6:9.10-1) unstable; urgency=medium
* New upstream release 9.10
* Too many security related upstream changes to list here, please cf. to
upstream changelog:
http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.9
* Urgency set to medium because new upstream release fixes many security issues.
* Do not accidentally overwrite installed binaries from different flavors.
Thanks to Fabian Greffrath for the patch (Closes: #725956)
-- Reinhard Tartler <email address hidden> Thu, 10 Oct 2013 10:53:54 -0400
-
libav (6:9.8-2) unstable; urgency=low
* Upload to unstable
* Weaken dependencies on libx264, opencv and frei0r for now to allow
compilation. This dependency will be tightened as soon as the
libraries have been updated in unstable.
-- Reinhard Tartler <email address hidden> Tue, 13 Aug 2013 15:10:05 +0200
-
libav (6:0.8.7-1) unstable; urgency=medium
* Imported Upstream version 0.8.7, new releases fixes:
- wav: Always seek to an even offset, Bug #500, LP: #1174737
- A number of further security relevant patches.
-- Reinhard Tartler <email address hidden> Mon, 20 May 2013 11:04:00 +0200
-
libav (6:0.8.6-1) unstable; urgency=low
* Imported Upstream version 0.8.6, new releases fixes:
- h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
- iff: validate CMAP palette size (CVE-2013-2495)
- msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496)
- vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
- Thus, closes: #703200
-- Reinhard Tartler <email address hidden> Sun, 24 Mar 2013 07:35:51 +0100
