[ubuntu/gutsy-security] faad2 2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Oct 6 22:55:28 BST 2008
faad2 (2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1) gutsy-security; urgency=low
* SECURITY UPDATE: Heap-based buffer overflow in the decodeMP4file function
(frontend/main.c) in FAAD2 before 2.6.1 allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
crafted MPEG-4 (MP4) file. (Closes LP: #277110)
* 11_CVE-2008-4201.diff
- Patch supplied by upstream modified slightly to patch cleanly
and address vulnerability.
* References
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201
http://www.audiocoding.com/patch/main_overflow.diff
CVE-2008-4201
Date: Fri, 03 Oct 2008 10:46:07 +0200
Changed-By: Stefan Lesicnik <stefan at lsd.co.za>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/gutsy/+source/faad2/2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1
-------------- next part --------------
Format: 1.7
Date: Fri, 03 Oct 2008 10:46:07 +0200
Source: faad2
Binary: bmp-mp4 faad libfaad2-0 libfaad2-dev libmp4v2-0 libmp4v2-dev xmms-mp4
Architecture: amd64 hppa i386 ia64 lpia powerpc source sparc
Version: 2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1
Distribution: gutsy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Stefan Lesicnik <stefan at lsd.co.za>
Description:
bmp-mp4 - a mp4/aac audio player for bmp
faad - freeware Advanced Audio Decoder player
libfaad2-0 - freeware Advanced Audio Decoder - runtime files
libfaad2-dev - freeware Advanced Audio Decoder - development files
libmp4v2-0 - MP4 container library - runtime files
libmp4v2-dev - MP4 container library - development files
xmms-mp4 - a mp4/aac audio player for xmms
Changes:
faad2 (2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1) gutsy-security; urgency=low
.
* SECURITY UPDATE: Heap-based buffer overflow in the decodeMP4file function
(frontend/main.c) in FAAD2 before 2.6.1 allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
crafted MPEG-4 (MP4) file. (Closes LP: #277110)
* 11_CVE-2008-4201.diff
- Patch supplied by upstream modified slightly to patch cleanly
and address vulnerability.
* References
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201
http://www.audiocoding.com/patch/main_overflow.diff
CVE-2008-4201
Files:
2b61f68be99bd48c2aa00cb24feea64f 202098 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
7af45305de9ce2a7200e6e427ae06c1b 222870 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
534d72d917ad50aa0c21f38326f761a0 235968 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
47492e4eec6d018ca70a7d72906c3141 353636 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
2a9fb7a3e241288da1e604d4664a32b8 21454 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
6d5326fca9b1026d2e75cc98ebcbe885 31852 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
095507a9c31cbdae5650f99a4818f31a 31900 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_amd64.deb
ec03da4f41ff2a6810d2ff88cb218e9c 214692 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
86579ed55451cf356db931efc5d79435 232760 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
92f522b87101623b32162c8a80f440a6 264136 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
4e67cc721ea4d920d7a1550b5a2e618a 398878 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
2d105b127de51fc63fda7242b83d04f3 22428 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
bc4a6375f474c78123e738318cae7834 35336 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
980c8ef350ff8b3254c2e31f85a44fad 35124 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_hppa.deb
b640508a137f45c34183b568159eb0a9 202726 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
0403178d2eea3c1956acf0170734a501 212034 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
0dab3066f4520f996fe3d904bf2a901a 233760 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
d435202a794a1d56b07a2e85ca8b6f9d 313802 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
74854f522c10fd33bdcfacd199598502 20378 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
5624256c5be5395dcb49dc1bba5c362e 29478 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
74c5789fc7470b6a7b4f7f7714a6a288 29592 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_i386.deb
a2584de8fcbb705874fa7d01187c2c20 258648 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
5d97424ffe56eecab936e25c637c8c35 286460 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
43173a3bfab55346dc05d3494a173ee9 278144 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
4a47ce5c1fd615600fb05303e4e7d898 484490 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
0457f327defff4a0f7ca2ebbfefda872 28456 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
26b17570e5710eaed97d5f746a0537a1 39958 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
c3272db9d46b5cc3dac4765aa801b7b6 39666 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_ia64.deb
36050b4cbc819f6829be5619dd72870b 203170 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
a955b9cbe98692e43fabd77d1f09c8e7 213338 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
6f95cbc4848cc8d8148ab11bc92428da 228690 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
b980089a1ce6478538835d2eb3b97e4e 318654 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
40cfc1494afba167d1115236d3a9d5b9 20440 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
15485ba637c613aaad58c7f9368615bf 29486 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
9cf624a4feb67d387d00fbdc13610b00 29498 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_lpia.deb
77035be00a57706040b043232e056ed9 212586 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
c03e8b16cd680a71eacda648d019c6d8 227480 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
9005cc6c4569ecb0ffc779b0fe03ddfb 251922 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
9643f4b929f4f96f1671f7803e73489d 370164 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
608af2e3d6a23c4d3f7693953600bea9 24268 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
bbfdf99eeec037a2ed6d9ed2c00f9320 35008 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
c12cd2ca535cf5e59111b9fad4cad21c 34730 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_powerpc.deb
d51fd43ad48fd58c2fa5f3965620f210 855 libs optional faad2_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1.dsc
b801d9cd437aa64cfee94487dc99961f 6498 libs optional faad2_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1.diff.gz
c6bf6a95bdc432f8f4f0b811492b7b85 206816 libs optional libfaad2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
8c95f73cc2c2f7aaec8fd794e5d7b640 223606 libdevel optional libfaad2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
c5bb58785725c87f6c0b7c7052fa7a48 232306 libs optional libmp4v2-0_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
2cc9cfe5cd91d014b7e81b369691b8f1 313132 libdevel optional libmp4v2-dev_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
a6f182f8de72122d0d485a0020c5d277 20612 sound optional faad_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
577893f019588ee8e0a3470282d10096 31222 sound optional xmms-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
db0781e2c793696cc377ac450dc14c47 30956 sound optional bmp-mp4_2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1_sparc.deb
Launchpad-Bugs-Fixed: 277110
Original-Maintainer: Sebastian Dröge <mail at slomosnail.de>
More information about the gutsy-changes
mailing list