[ubuntu/oneiric-security] libav 4:0.7.6-0ubuntu0.11.10.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Jan 28 13:16:33 UTC 2013

libav (4:0.7.6-0ubuntu0.11.10.3) oneiric-security; urgency=low

  * SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
    - debian/patches/CVE-2012-2783.patch: release frames on error in
    - CVE-2012-2783
  * SECURITY UPDATE: unspecified security issue in Indeo (LP: #1104019)
    - debian/patches/CVE-2012-2791.patch: check that scan pattern is set
      before using it in libavcodec/ivi_common.c.
    - CVE-2012-2791
  * SECURITY UPDATE: double free vulnerability in mpeg_decode_frame
    - debian/patches/CVE-2012-2803.patch: do not decode extradata more than
      once in libavcodec/mpeg12.c.
    - CVE-2012-2803
  * SECURITY UPDATE: issue in AAC decoding
    - debian/patches/CVE-2012-5144.patch: fix off-by-one in
    - CVE-2012-5144

Date: 2013-01-24 19:20:15.403863+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Oneiric-changes mailing list