[ubuntu/trusty-security] libav 6:9.16-0ubuntu0.14.04.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Aug 11 11:41:05 UTC 2014
libav (6:9.16-0ubuntu0.14.04.1) trusty-security; urgency=medium
* New upstream release 9.14:
- vp3: Copy all 3 frames for thread updates (CVE-2011-3934)
- mpegts: Do not try to write a PMT larger than SECTION_SIZE (CVE-2014-2263)
- mpegts: Define the section length with a constant
- error_concealment: avoid using the picture if not fully setup (CVE-2013-0860)
- svq1: do not modify the input packet
- cdgraphics: do not return 0 from the decode function
- cdgraphics: switch to bytestream2 (CVE-2013-3674)
- huffyuvdec: check width size for yuv422p (CVE-2013-0848)
- mmvideo: check horizontal coordinate too (CVE-2013-3672)
- wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
- lavc: Check the image size before calling get_buffer (CVE-2011-3935)
- huffyuv: Check and propagate function return values (CVE-2013-0868)
- h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
- h264_sei: check SEI size
- pgssubdec: Check RLE size before copying (CVE-2013-0852)
- fate: Add dependencies for dct/fft/mdct/rdft tests
- video4linux2: Avoid a floating point exception
- vf_select: Drop a debug av_log with an unchecked double to enum conversion
- eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
Date: 2014-08-10 18:10:19.695614+00:00
Changed-By: Reinhard Tartler <siretart at gmail.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/trusty/+source/libav/6:9.16-0ubuntu0.14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list