Ubuntu

“libav” 4:0.7.6-0ubuntu0.11.10.2 source package in The Oneiric Ocelot

Publishing history

4:0.7.6-0ubuntu0.11.10.2
SUPERSEDED: Oneiric pocket Updates in component main and section libs
  • Removed from disk on 2013-01-29.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libav - 4:0.7.6-0ubuntu0.11.10.3
  • Published on 2012-12-19
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
4:0.7.6-0ubuntu0.11.10.2
SUPERSEDED: Oneiric pocket Security in component main and section libs
  • Removed from disk on 2013-01-29.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libav - 4:0.7.6-0ubuntu0.11.10.3
  • Published on 2012-12-19
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

libav (4:0.7.6-0ubuntu0.11.10.2) oneiric-security; urgency=low

  * SECURITY UPDATE: unspecified security issue in ff_rv34_decode_frame
    - debian/patches/CVE-2012-2772.patch: error out on size changes with
      frame threading in libavcodec/rv34.c.
    - CVE-2012-2772
  * SECURITY UPDATE: out of array write in quant_cof
    - debian/patches/CVE-2012-2775.patch: check opt_order in
      libavcodec/alsdec.c.
    - CVE-2012-2775
  * SECURITY UPDATE: security issues in decode_pic
    - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in
      libavcodec/cavsdec.c.
    - CVE-2012-2777
    - CVE-2012-2784
  * SECURITY UPDATE: unspecified vulnerability in the decode_frame
    - debian/patches/CVE-2012-2779.patch: prevent decoding happening on a
      half initialized context in libavcodec/indeo5.c.
    - CVE-2012-2779
  * SECURITY UPDATE: out of array write in the decode_wdlt function
    - debian/patches/CVE-2012-2786.patch: check frame_end in
      libavcodec/dfa.c.
    - CVE-2012-2786
  * SECURITY UPDATE: out of array read in avi_read_packet function
    - debian/patches/CVE-2012-2788.patch: use accurate size in
      libavformat/avidec.c.
    - CVE-2012-2788
  * SECURITY UPDATE: unspecified vulnerability in avi_read_packet
    - debian/patches/CVE-2012-2789.patch: check num_vec_coeffs for validity
      in libavcodec/wmaprodec.c.
    - CVE-2012-2789
  * SECURITY UPDATE: unspecified vulnerability in read_var_block_data
    - debian/patches/CVE-2012-2790.patch: fix number of decoded samples in
      libavcodec/alsdec.c.
    - CVE-2012-2790
  * SECURITY UPDATE: unspecified vulnerability in lag_decode_zero_run_line
    - debian/patches/CVE-2012-2793.patch: check count before writing zeros
      in libavcodec/lagarith.c.
    - CVE-2012-2793
  * SECURITY UPDATE: unspecified vulnerability in decode_mb_info
    - debian/patches/CVE-2012-2794.patch: check tile size in
      libavcodec/indeo5.c.
    - CVE-2012-2794
  * SECURITY UPDATE: out of array write in decode_dds1
    - debian/patches/CVE-2012-2798.patch: fix length check in
      libavcodec/dfa.c.
    - CVE-2012-2798
  * SECURITY UPDATE: unspecified vulnerability in ff_ivi_process_empty_tile
    - debian/patches/CVE-2012-2800.patch: check tile sizes in
      libavcodec/ivi_common.*, libavcodec/indeo5.c.
    - CVE-2012-2800
  * SECURITY UPDATE: out of array writes in avs.c
    - debian/patches/CVE-2012-2801.patch: force dimensions in
      libavcodec/avs.c.
    - CVE-2012-2801
 -- Marc Deslauriers <email address hidden>   Tue, 18 Dec 2012 10:04:54 -0500