[ubuntu/hardy-security] faad2 2.6.1-2ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Oct 6 22:56:47 BST 2008
faad2 (2.6.1-2ubuntu0.1) hardy-security; urgency=low
* SECURITY UPDATE: Heap-based buffer overflow in the decodeMP4file function
(frontend/main.c) in FAAD2 before 2.6.1 allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
crafted MPEG-4 (MP4) file. (Closes LP: #277110)
* 12_heap_overflow.dpatch
- Patch supplied by upstream to address vulnerability.
* References
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201
http://www.audiocoding.com/patch/main_overflow.diff
CVE-2008-4201
Date: Thu, 02 Oct 2008 16:26:26 +0200
Changed-By: Stefan Lesicnik <stefan at lsd.co.za>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/faad2/2.6.1-2ubuntu0.1
-------------- next part --------------
Format: 1.7
Date: Thu, 02 Oct 2008 16:26:26 +0200
Source: faad2
Binary: faad libfaad-dev libfaad0 libfaad2-0
Architecture: amd64 hppa all i386 ia64 lpia powerpc source sparc
Version: 2.6.1-2ubuntu0.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Stefan Lesicnik <stefan at lsd.co.za>
Description:
faad - freeware Advanced Audio Decoder player
libfaad-dev - freeware Advanced Audio Decoder - development files
libfaad0 - freeware Advanced Audio Decoder - runtime files
libfaad2-0 - freeware Advanced Audio Decoder - dummy package
Changes:
faad2 (2.6.1-2ubuntu0.1) hardy-security; urgency=low
.
* SECURITY UPDATE: Heap-based buffer overflow in the decodeMP4file function
(frontend/main.c) in FAAD2 before 2.6.1 allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
crafted MPEG-4 (MP4) file. (Closes LP: #277110)
* 12_heap_overflow.dpatch
- Patch supplied by upstream to address vulnerability.
* References
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201
http://www.audiocoding.com/patch/main_overflow.diff
CVE-2008-4201
Files:
4cbbe7a28437f8ede52a8c7ceed911b1 167530 libs optional libfaad0_2.6.1-2ubuntu0.1_amd64.deb
d504d723979e0abb1d11b5e466f7f5d6 207526 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_amd64.deb
d87350f2780c39dd833b54cb3343a1df 29898 sound optional faad_2.6.1-2ubuntu0.1_amd64.deb
72aa28b5a92532ccb75a5d4443f523c1 178564 libs optional libfaad0_2.6.1-2ubuntu0.1_hppa.deb
558a1e4c569fcb9f7192bae7a62b3c7f 221738 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_hppa.deb
0bcb8d93e9d17b6508fed329772bcf1e 34302 sound optional faad_2.6.1-2ubuntu0.1_hppa.deb
8e66817e905ef99af211a0cc0a294003 5864 libs optional libfaad2-0_2.6.1-2ubuntu0.1_all.deb
5fefe0de58a4d27bf81d44e4513a6ca8 167146 libs optional libfaad0_2.6.1-2ubuntu0.1_i386.deb
2e6f3c2e15fc60b5aa2224dc3ccf36f6 205360 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_i386.deb
e25862ccd919b7a7051b63152252a7d5 29682 sound optional faad_2.6.1-2ubuntu0.1_i386.deb
16f3fcf11bb5f8ccffe64d0529a0a040 216806 libs optional libfaad0_2.6.1-2ubuntu0.1_ia64.deb
87d26918d7930966ea321e65dfe11af0 266874 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_ia64.deb
8581467c2b8cdcf5454a60e323cb43c4 39842 sound optional faad_2.6.1-2ubuntu0.1_ia64.deb
a1851da9997898f84227731ea7838d2c 167922 libs optional libfaad0_2.6.1-2ubuntu0.1_lpia.deb
1d0b07b46b60d29b845d681f581bca9f 204338 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_lpia.deb
643d2fc5cd736df7342c39fa9a9c52d2 29508 sound optional faad_2.6.1-2ubuntu0.1_lpia.deb
7eeb5aff8f728074a8fb857ff4c9d862 175066 libs optional libfaad0_2.6.1-2ubuntu0.1_powerpc.deb
e153fa057805d3152c7130e861c8481b 210892 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_powerpc.deb
05c221f85c962727335804b95605a490 34220 sound optional faad_2.6.1-2ubuntu0.1_powerpc.deb
d78652c03e959c93dd057338d472d887 760 libs optional faad2_2.6.1-2ubuntu0.1.dsc
d2f5c73c40d866d9304e5a7ab0af3609 356658 libs optional faad2_2.6.1-2ubuntu0.1.diff.gz
80dc9d51e3a8cc4236112012af889013 173610 libs optional libfaad0_2.6.1-2ubuntu0.1_sparc.deb
62b58a161e96926a4d66f5af85b923aa 211418 libdevel optional libfaad-dev_2.6.1-2ubuntu0.1_sparc.deb
ec89e812063d0ef51d4d633c5cae7e50 29686 sound optional faad_2.6.1-2ubuntu0.1_sparc.deb
Launchpad-Bugs-Fixed: 277110
Original-Maintainer: Matthew W. S. Bell <matthew at bells23.org.uk>
More information about the Hardy-changes
mailing list