Ubuntu
libav package

Branches for Precise

Name Status Last Modified Last Commit
lp://staging/ubuntu/precise/libav bug 2 Mature 2012-03-22 05:08:16 UTC
19. * New upstream bug and security fix r...

Author: Micah Gersten
Revision Date: 2012-03-21 21:18:24 UTC

* New upstream bug and security fix release (FFe: LP: #960949)
  - fixes the following CVEs:
    CVE-2012-0848, CVE-2012-0853, CVE-2012-0858, CVE-2011-3929,
    CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945,
    CVE-2011-3947, CVE-2011-3951, CVE-2011-3952

* Pull fix from Debian git to fix installation of avserver.conf and
  recordshow.sh into libav-tools; Thanks to Julien Cristau for spotting this!
  - update debian/rules
lp://staging/ubuntu/precise-security/libav bug 2 Mature 2016-04-01 08:30:13 UTC
32. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330
lp://staging/ubuntu/precise-updates/libav 2 Mature 2016-04-01 08:30:13 UTC
32. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330
lp://staging/~jderose/ubuntu/precise/libav/fix-937561 1 Development 2012-07-30 20:10:15 UTC
23. Oops, distro should be precise-propos...

Author: Jason Gerard DeRose
Revision Date: 2012-07-30 20:10:15 UTC

Oops, distro should be precise-proposed (thanks, slangasek)
14 of 4 results FirstPreviousNextLast