[ubuntu/karmic-security] ffmpeg (delayed), ffmpeg 4:0.5+svn20090706-2ubuntu2.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Apr 19 19:03:19 BST 2010
ffmpeg (4:0.5+svn20090706-2ubuntu2.1) karmic-security; urgency=low
* SECURITY UPDATE: Fix a multitude of security issues
- debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
existence before assignment
- debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
indexes
- debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
value
- debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
per-packet mode indexes and per-header mode mapping indexes
- debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
index and subclass book index.
- debian/patches/CVE-2009-46XX/security-issue08.patch: check
res_setup->books
- debian/patches/CVE-2009-46XX/security-issue09.patch: check
begin/end/partition_size
- debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
of channels & samplerate
- debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
check
- debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
for magnitude and angle
- debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
- debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
against 0 too
- debian/patches/CVE-2009-46XX/security-issue15.patch: fix
init_get_bits() buffer size
- debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
all memory allocations succeed
- debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
buffer over-read in vorbis_comment
- debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
0 to avoid having it uninitialized
- debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
for ogg streams where no ogg header was found
- debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id
and codec_type, make sure priv_data is freed and codec is set to NULL
- CVE-2009-4632
- CVE-2009-4633
- CVE-2009-4634
- CVE-2009-4635
- CVE-2009-4637
- CVE-2009-4639
- CVE-2009-4640
Date: Thu, 08 Apr 2010 09:34:05 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/ffmpeg/4:0.5+svn20090706-2ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Thu, 08 Apr 2010 09:34:05 -0400
Source: ffmpeg
Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil49 libavcodec52 libavdevice52 libavformat52 libavfilter0 libpostproc51 libswscale0 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev libswscale-dev
Architecture: source
Version: 4:0.5+svn20090706-2ubuntu2.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
ffmpeg - multimedia player, server and encoder
ffmpeg-dbg - Debug symbols for ffmpeg related packages
ffmpeg-doc - documentation of the ffmpeg API
libavcodec-dev - development files for libavcodec
libavcodec52 - ffmpeg codec library
libavdevice-dev - development files for libavdevice
libavdevice52 - ffmpeg device handling library
libavfilter-dev - development files for libavfilter
libavfilter0 - ffmpeg video filtering library
libavformat-dev - development files for libavformat
libavformat52 - ffmpeg file format library
libavutil-dev - development files for libavutil
libavutil49 - ffmpeg utility library
libpostproc-dev - development files for libpostproc
libpostproc51 - ffmpeg video postprocessing library
libswscale-dev - development files for libswscale
libswscale0 - ffmpeg video scaling library
Changes:
ffmpeg (4:0.5+svn20090706-2ubuntu2.1) karmic-security; urgency=low
.
* SECURITY UPDATE: Fix a multitude of security issues
- debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
existence before assignment
- debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
indexes
- debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
value
- debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
per-packet mode indexes and per-header mode mapping indexes
- debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
index and subclass book index.
- debian/patches/CVE-2009-46XX/security-issue08.patch: check
res_setup->books
- debian/patches/CVE-2009-46XX/security-issue09.patch: check
begin/end/partition_size
- debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
of channels & samplerate
- debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
check
- debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
for magnitude and angle
- debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
- debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
against 0 too
- debian/patches/CVE-2009-46XX/security-issue15.patch: fix
init_get_bits() buffer size
- debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
all memory allocations succeed
- debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
buffer over-read in vorbis_comment
- debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
0 to avoid having it uninitialized
- debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
for ogg streams where no ogg header was found
- debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id
and codec_type, make sure priv_data is freed and codec is set to NULL
- CVE-2009-4632
- CVE-2009-4633
- CVE-2009-4634
- CVE-2009-4635
- CVE-2009-4637
- CVE-2009-4639
- CVE-2009-4640
Checksums-Sha1:
cd9ef1d68dafb180c1204a4033fac44b176cc61a 2318 ffmpeg_0.5+svn20090706-2ubuntu2.1.dsc
251e872b9a1b0e690633ab860a78b9b138669a86 108008 ffmpeg_0.5+svn20090706-2ubuntu2.1.diff.gz
Checksums-Sha256:
717431477756a108f9cc44ac2db7402a450e65817d5244e996d2473660694abd 2318 ffmpeg_0.5+svn20090706-2ubuntu2.1.dsc
ae9bbbb61908f2cf02c33da1ef1da78b10f1ffecf2df8c15d0a391e4b086f0d6 108008 ffmpeg_0.5+svn20090706-2ubuntu2.1.diff.gz
Files:
bd9a8b1809ac0a3e0d33d2a73554d0e9 2318 libs optional ffmpeg_0.5+svn20090706-2ubuntu2.1.dsc
46255110cea73561f5e95f0157412237 108008 libs optional ffmpeg_0.5+svn20090706-2ubuntu2.1.diff.gz
Original-Maintainer: Debian multimedia packages maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
More information about the Karmic-changes
mailing list