[ubuntu/precise-security] libav 4:0.8.17-0ubuntu0.12.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Apr 4 18:00:31 UTC 2016 

libav (4:0.8.17-0ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY UPDATE: invalid memory access via crafted MJPEG data
    - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
      libavcodec/mjpegdec.c.
    - CVE-2014-8541
  * SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
    - debian/patches/CVE-2015-1872.patch: check number of components in
      libavcodec/mjpegdec.c.
    - CVE-2015-1872
  * SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
    - debian/patches/CVE-2015-3395.patch: determine frame size in
      libavcodec/msrledec.c.
    - CVE-2015-3395
  * SECURITY UPDATE: size issue in ff_h263_decode_picture_header
    - debian/patches/CVE-2015-5479.patch: check both dimensions in
      libavcodec/ituh263dec.c.
    - CVE-2015-5479
  * SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
    - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
      libavcodec/pngdec.c.
    - CVE-2015-6818
  * SECURITY UPDATE: out of bounds array access in ff_sbr_apply
    - debian/patches/CVE-2015-6820.patch: check that the element type
      matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
    - CVE-2015-6820
  * SECURITY UPDATE: uninitialized memory access in sws_init_context
    - debian/patches/CVE-2015-6824.patch: clear buffers in
      libswscale/utils.c
    - CVE-2015-6824
  * SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
    - debian/patches/CVE-2015-6826.patch: clear pointers in
      libavcodec/rv34.c.
    - CVE-2015-6826
  * SECURITY UPDATE: integer overflow in ff_ivi_init_planes
    - debian/patches/CVE-2015-8364.patch: check image dimensions in
      libavcodec/ivi_common.c.
    - CVE-2015-8364
  * SECURITY UPDATE: out of bounds array access in smka_decode_frame
    - debian/patches/CVE-2015-8365.patch: validate data size in
      libavcodec/smacker.c.
    - CVE-2015-8365
  * SECURITY UPDATE: cross-origin attack and arbitrary file read via the
    concat protocol
    - debian/confflags: disable concat protocol.
    - CVE-2016-1897
    - CVE-2016-1898
  * SECURITY UPDATE: integer overflow in asf_write_packet
    - debian/patches/CVE-2016-2326.patch: check pts in
      libavformat/asfenc.c.
    - CVE-2016-2326
  * SECURITY UPDATE: out of bounds array access via tga file
    - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
      libavcodec/gif.c.
    - CVE-2016-2330

Date: 2016-04-01 14:21:13.857991+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libav/4:0.8.17-0ubuntu0.12.04.2
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list