[ubuntu/maverick-security] ffmpeg-extra 4:0.6-2ubuntu3.3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Jan 5 16:04:34 UTC 2012
ffmpeg-extra (4:0.6-2ubuntu3.3) maverick-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed Matroska file
- debian/patches/CVE-2011-3504.patch: verify memory allocation failures
in libavformat/matroskadec.c.
- CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- debian/patches/CVE-2011-4351.patch: check boundaries in
libavcodec/qdm2.c.
- CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP3 stream
- debian/patches/CVE-2011-4352.patch: check coefficient index in
libavcodec/vp3.c.
- CVE-2011-4352
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
and libavcodec/vp6.c.
- CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- debian/patches/CVE-2011-4364.patch: properly check lengths in
libavcodec/vmdav.c.
- CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- debian/patches/CVE-2011-4579.patch: set dimensions after they have
changed in libavcodec/svq1dec.c.
- CVE-2011-4579
Date: Wed, 21 Dec 2011 15:37:45 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/ffmpeg-extra/4:0.6-2ubuntu3.3
-------------- next part --------------
Format: 1.8
Date: Wed, 21 Dec 2011 15:37:45 -0500
Source: ffmpeg-extra
Binary: libavutil-extra-50 libavutil-unstripped-50 libavcodec-extra-52 libavcodec-unstripped-52 libavdevice-extra-52 libavdevice-unstripped-52 libavfilter-extra-1 libpostproc-extra-51 libpostproc-unstripped-51 libavformat-extra-52 libavformat-unstripped-52 libswscale-extra-0 libswscale-unstripped-0
Architecture: source
Version: 4:0.6-2ubuntu3.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libavcodec-extra-52 - ffmpeg codec library
libavcodec-unstripped-52 - ffmpeg utility library - transitional package
libavdevice-extra-52 - ffmpeg device handling library
libavdevice-unstripped-52 - ffmpeg utility library - transitional package
libavfilter-extra-1 - ffmpeg video filtering library
libavformat-extra-52 - ffmpeg file format library
libavformat-unstripped-52 - ffmpeg utility library - transitional package
libavutil-extra-50 - ffmpeg utility library
libavutil-unstripped-50 - ffmpeg utility library - transitional package
libpostproc-extra-51 - ffmpeg video postprocessing library
libpostproc-unstripped-51 - ffmpeg utility library - transitional package
libswscale-extra-0 - ffmpeg video scaling library
libswscale-unstripped-0 - ffmpeg utility library - transitional package
Changes:
ffmpeg-extra (4:0.6-2ubuntu3.3) maverick-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
malformed Matroska file
- debian/patches/CVE-2011-3504.patch: verify memory allocation failures
in libavformat/matroskadec.c.
- CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- debian/patches/CVE-2011-4351.patch: check boundaries in
libavcodec/qdm2.c.
- CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP3 stream
- debian/patches/CVE-2011-4352.patch: check coefficient index in
libavcodec/vp3.c.
- CVE-2011-4352
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
and libavcodec/vp6.c.
- CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- debian/patches/CVE-2011-4364.patch: properly check lengths in
libavcodec/vmdav.c.
- CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- debian/patches/CVE-2011-4579.patch: set dimensions after they have
changed in libavcodec/svq1dec.c.
- CVE-2011-4579
Checksums-Sha1:
34c65e55ac2822adcc00b28c6a3401dce05a4884 3259 ffmpeg-extra_0.6-2ubuntu3.3.dsc
7e200e109ddeac057a5df0abb5d65bebcc62c3fe 106228 ffmpeg-extra_0.6-2ubuntu3.3.diff.gz
Checksums-Sha256:
c1275bcfd69a95a4bd1f771844cfaa337c5d196c565a816000b98bf65a389928 3259 ffmpeg-extra_0.6-2ubuntu3.3.dsc
b11d203b5755a102c3f3b791b9b7c5db9d713a331f39dc9413a87d4762ec6023 106228 ffmpeg-extra_0.6-2ubuntu3.3.diff.gz
Files:
d7ffc745784fbdd5d2180870506d8ee1 3259 libs optional ffmpeg-extra_0.6-2ubuntu3.3.dsc
7195cd41d58a81d18a645fa0c979c6e6 106228 libs optional ffmpeg-extra_0.6-2ubuntu3.3.diff.gz
Original-Maintainer: Debian multimedia packages maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
More information about the Maverick-changes
mailing list