Ubuntu
ffmpeg-extra package

Branches for Karmic

Name Status Last Modified Last Commit
lp:ubuntu/karmic-security/ffmpeg-extra bug 2 Mature 2011-04-11 13:14:13 UTC
6. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-04-05 19:09:22 UTC

* SECURITY UPDATE: arbitrary code execution via crafted flic file
  - debian/patches/CVE-2010-3429.patch: add checks to
    libavcodec/flicvideo.c.
  - CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
  (LP: #690169)
  - debian/patches/CVE-2010-3908.patch: properly calculate size in
    libavcodec/utils.c.
  - CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
  - debian/patches/CVE-2010-4704.patch: validate codebook in
    libavcodec/vorbis_dec.c.
  - CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
  crafted WebM file
  - debian/patches/CVE-2011-0480.patch: check rangebits in
    libavcodec/vorbis_dec.c.
  - CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
  (LP: #690169)
  - debian/patches/CVE-2011-0722.patch: set dimensions in
    libavcodec/rv34.c.
  - CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
  crafted VC1 file (LP: #690169)
  - debian/patches/CVE-2011-0723.patch: fix invalid reads in
    libavcodec/vc1dec.c.
  - CVE-2011-0723
* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640
lp:ubuntu/karmic-updates/ffmpeg-extra 2 Mature 2011-04-11 14:03:18 UTC
6. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-04-05 19:09:22 UTC

* SECURITY UPDATE: arbitrary code execution via crafted flic file
  - debian/patches/CVE-2010-3429.patch: add checks to
    libavcodec/flicvideo.c.
  - CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
  (LP: #690169)
  - debian/patches/CVE-2010-3908.patch: properly calculate size in
    libavcodec/utils.c.
  - CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
  - debian/patches/CVE-2010-4704.patch: validate codebook in
    libavcodec/vorbis_dec.c.
  - CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
  crafted WebM file
  - debian/patches/CVE-2011-0480.patch: check rangebits in
    libavcodec/vorbis_dec.c.
  - CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
  (LP: #690169)
  - debian/patches/CVE-2011-0722.patch: set dimensions in
    libavcodec/rv34.c.
  - CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
  crafted VC1 file (LP: #690169)
  - debian/patches/CVE-2011-0723.patch: fix invalid reads in
    libavcodec/vc1dec.c.
  - CVE-2011-0723
* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640
lp:ubuntu/karmic/ffmpeg-extra bug 1 Development 2009-10-16 10:29:16 UTC
5. * make the conflicts/replaces on the ...

Author: Reinhard Tartler
Revision Date: 2009-10-16 10:29:16 UTC

* make the conflicts/replaces on the former -unstripped- variants
  versioned so the -unstripped- and -extra- variants can actually be
  coinstalled.
* remove references to obsolete 'cvs' packages. these have never existed
  in ubuntu after all.
13 of 3 results FirstPreviousNextLast