[ubuntu/natty] libvpx 0.9.2-1ubuntu1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Wed Nov 10 17:05:27 GMT 2010


libvpx (0.9.2-1ubuntu1) natty; urgency=low

  * SECURITY UPDATE: fix heap memory corruption which could lead to denial of
    service or possibly execution of arbitrary code
    - debian/patches/900_CVE-2010-4203.patch: properly validate frame size and
      partition sizes
    - CVE-2010-4203

Date: Wed, 10 Nov 2010 10:36:17 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/libvpx/0.9.2-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 10 Nov 2010 10:36:17 -0600
Source: libvpx
Binary: libvpx-dev libvpx0 libvpx0-dbg libvpx-doc
Architecture: source
Version: 0.9.2-1ubuntu1
Distribution: natty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libvpx-dev - VP8 video codec (development files)
 libvpx-doc - VP8 video codec (API documentation)
 libvpx0    - VP8 video codec (shared library)
 libvpx0-dbg - VP8 video codec (debugging symbols)
Changes: 
 libvpx (0.9.2-1ubuntu1) natty; urgency=low
 .
   * SECURITY UPDATE: fix heap memory corruption which could lead to denial of
     service or possibly execution of arbitrary code
     - debian/patches/900_CVE-2010-4203.patch: properly validate frame size and
       partition sizes
     - CVE-2010-4203
Checksums-Sha1: 
 11f771153dd0725c99934098857bb7c2a4f7efd2 1907 libvpx_0.9.2-1ubuntu1.dsc
 7970e81caf5ae2d7913b55bf1df017dcf044bb42 11254 libvpx_0.9.2-1ubuntu1.debian.tar.gz
Checksums-Sha256: 
 e4de32845eee51f2ff9ab681feeee48d5d0ec7cb70b2a94065cb016b9c487d66 1907 libvpx_0.9.2-1ubuntu1.dsc
 cc4b8a3de69fa9d8ea39c5178f6372d2028b0c43af78f4e62ab6e46a98a2fb86 11254 libvpx_0.9.2-1ubuntu1.debian.tar.gz
Files: 
 6daa45013e395c4ef8c15416e87f08bc 1907 video optional libvpx_0.9.2-1ubuntu1.dsc
 49d7606871f63cff4284d1a09d6ac613 11254 video optional libvpx_0.9.2-1ubuntu1.debian.tar.gz
Original-Maintainer: Sebastian Dröge <slomo at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCgAGBQJM2s6nAAoJEFHb3FjMVZVzXhsP/1xffJgNdxlgfx1jiTGnkAvo
neC4rrDuaUU4nPx+iqQPw7bKvxcyXHWWtJr1ZR8ADRBisFEaGWeqWg+ejQdTw851
62fNDBLOnaxfx4WIeSAVag/MRuC0G/wpSJ7ZKw5IcanulucNDWYc9a1j2SygzKDF
eQ9fQL125/R0jInVc1vGAFaWkmZZRKLc/cKjIMK0Fj+7Aqzz8Zego/CR63nJNzUI
T4oJW4bQTyFVqFndIceEVN7jMVm0RDuF1B/YCk6uMUsi3KO3t2vd1WvNlGX1lsuq
erJFzTYWC9vWQUnpP3U2wCVF1hT7a4IuOdrwN3d341ue4zbKUm02CQUUZmDPcZXf
MbFqjTeMCWijh/V3ChvQqPZEJaOjBzlwYEQJ9bKWPL7kHgLwirLmR5K1k8zbdZnn
408d3/KBrxxnDlN8iAun4Lzfe/MEgM+I07ykB9t2FOYEiKs8U4/0gvSHbid8kME9
MRYDqaRzRLiic7Ihx3Sfig49MWBdowgn/T97prKmH+pyvZIzNpLguoYd1CEMt28W
mILV5oA/erYV10NcVN8jyuJwMVjNHQ0BwEdo13GKLIF47QBv36cofR58e/8EHoG/
3sy3+x8GdC/lRWS0AJjOCEhtlDjHd+mUbteV4QT1viNwyVz0f0Qch3J06l7E06Xw
fomOKwZZjTytn8IEnqt8
=gRK1
-----END PGP SIGNATURE-----


More information about the Natty-changes mailing list