[ubuntu/maverick-security] ffmpeg 4:0.6-2ubuntu6.2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Sep 19 18:04:46 UTC 2011


ffmpeg (4:0.6-2ubuntu6.2) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    malformed OGG file
    - debian/patches/CVE-2011-1196.patch: revalidate index when necessary
      in libavformat/oggdec.c.
    - CVE-2011-1196
  * SECURITY UPDATE: denial of service and possible code execution via
    malformed AMV file
    - debian/patches/CVE-2011-1931.patch: don't change flags in
      libavcodec/sp5xdec.c.
    - CVE-2011-1931
  * SECURITY UPDATE: denial of service via malformed APE file
    - debian/patches/CVE-2011-2161.patch: make sure there are frames in
      libavformat/ape.c.
    - CVE-2011-2161
  * SECURITY UPDATE: arbitrary code execution via malformed CAVS file
    - debian/patches/CVE-2011-3362.patch: validate values in
      libavcodec/cavsdec.c.
    - CVE-2011-3362

Date: Fri, 16 Sep 2011 09:32:44 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/ffmpeg/4:0.6-2ubuntu6.2
-------------- next part --------------
Format: 1.8
Date: Fri, 16 Sep 2011 09:32:44 -0400
Source: ffmpeg
Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil50 libavcodec52 libavdevice52 libavformat52 libavfilter1 libpostproc51 libswscale0 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev libswscale-dev
Architecture: source
Version: 4:0.6-2ubuntu6.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 ffmpeg     - multimedia player, server and encoder
 ffmpeg-dbg - Debug symbols for ffmpeg related packages
 ffmpeg-doc - documentation of the ffmpeg API
 libavcodec-dev - development files for libavcodec
 libavcodec52 - ffmpeg codec library
 libavdevice-dev - development files for libavdevice
 libavdevice52 - ffmpeg device handling library
 libavfilter-dev - development files for libavfilter
 libavfilter1 - ffmpeg video filtering library
 libavformat-dev - development files for libavformat
 libavformat52 - ffmpeg file format library
 libavutil-dev - development files for libavutil
 libavutil50 - ffmpeg utility library
 libpostproc-dev - development files for libpostproc
 libpostproc51 - ffmpeg video postprocessing library
 libswscale-dev - development files for libswscale
 libswscale0 - ffmpeg video scaling library
Changes: 
 ffmpeg (4:0.6-2ubuntu6.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     malformed OGG file
     - debian/patches/CVE-2011-1196.patch: revalidate index when necessary
       in libavformat/oggdec.c.
     - CVE-2011-1196
   * SECURITY UPDATE: denial of service and possible code execution via
     malformed AMV file
     - debian/patches/CVE-2011-1931.patch: don't change flags in
       libavcodec/sp5xdec.c.
     - CVE-2011-1931
   * SECURITY UPDATE: denial of service via malformed APE file
     - debian/patches/CVE-2011-2161.patch: make sure there are frames in
       libavformat/ape.c.
     - CVE-2011-2161
   * SECURITY UPDATE: arbitrary code execution via malformed CAVS file
     - debian/patches/CVE-2011-3362.patch: validate values in
       libavcodec/cavsdec.c.
     - CVE-2011-3362
Checksums-Sha1: 
 e2e42e7be619d101e4a408af12e4ff9f8c4b9275 2922 ffmpeg_0.6-2ubuntu6.2.dsc
 7c57fe03467d4f0648f7e702cc8a5d7a2e94d734 99619 ffmpeg_0.6-2ubuntu6.2.diff.gz
Checksums-Sha256: 
 0065695a101e0e3f4241e3f0c84081308c03fec47566878a28682151a98594b0 2922 ffmpeg_0.6-2ubuntu6.2.dsc
 0ef3529164b9198e19017aeaed7fd61fb3815674639708af589b27b6168a4035 99619 ffmpeg_0.6-2ubuntu6.2.diff.gz
Files: 
 41b3655af4eb922bc5dcd7f6f1dea377 2922 libs optional ffmpeg_0.6-2ubuntu6.2.dsc
 a1ed9c8cb84a6b63c5a0bba8440c98be 99619 libs optional ffmpeg_0.6-2ubuntu6.2.diff.gz
Original-Maintainer: Debian multimedia packages maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>


More information about the Maverick-changes mailing list