lp:~medibuntu-maintainers/ffmpeg/medibuntu.lucid

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #356322: using -qscale in ffmpeg doesn't have any effect on coding	Undecided	Fix Released
Bug #386397: ffmpeg gets "Illegal instruction" on Pentium II	Medium	Fix Released
Bug #443264: swscale compile time width (VOF/VOFW) should be higher	Low	Fix Released
Bug #488267: ffmpeg should be built with -marm for lucid on armel	Low	Fix Released
Bug #490227: Wishlist: create ffmpeg with aac/libfaac support for Karmic	Undecided	Won't Fix
Bug #501729: ffmpeg: unrecognized option '-album'	Undecided	Fix Released
Bug #502209: Wishlist: create libavcodec-extra-52 and friends for Lucid	Wishlist	Fix Released
Bug #690169: Memory corruption in wmv parsing	Undecided	Invalid
Bug #1012132: June libav/ffmpeg security update tracking bug	Medium	Fix Released
Bug #1104019: January 2013 libav security tracking bug	Undecided	Fix Released

Link a bug report

Related blueprints

22. By Gauvain Pocentek on 2013-02-02

* Merge from lucid-security.
* debian/control:
  - update maintainer
  - update uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
  - debian/patches/CVE-2012-2783.patch: release frames on error in
    libavcodec/vp56.c.
  - CVE-2012-2783
* SECURITY UPDATE: double free vulnerability in mpeg_decode_frame
  - debian/patches/CVE-2012-2803.patch: do not decode extradata more than
    once in libavcodec/mpeg12.c.
  - CVE-2012-2803

21. By Gauvain Pocentek on 2012-12-22

* Merge from lucid-security.
* debian/control:
  - update maintainer
  - update uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: security issues in decode_pic
  - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in
    libavcodec/cavsdec.c.
  - CVE-2012-2777
  - CVE-2012-2784
* SECURITY UPDATE: out of array read in avi_read_packet function
  - debian/patches/CVE-2012-2788.patch: use accurate size in
    libavformat/avidec.c.
  - CVE-2012-2788
* SECURITY UPDATE: out of array writes in avs.c
  - debian/patches/CVE-2012-2801.patch: force dimensions in
    libavcodec/avs.c.
  - CVE-2012-2801

20. By Gauvain Pocentek on 2012-06-29

* Merge from lucid-security.
* debian/control:
  - update maintainer
  - update uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: Updated to libav 0.5.9 to fix multiple security
  issues. (LP: #1012132)
  - CVE-2011-3929
  - CVE-2011-3936
  - CVE-2011-3940
  - CVE-2011-3947
  - CVE-2011-3951
  - CVE-2011-3952
  - CVE-2012-0851
  - CVE-2012-0852
  - CVE-2012-0853
  - CVE-2012-0858
  - CVE-2012-0859
  - CVE-2012-0947
* Removed upstreamed patches:
  - CVE-2010-3429.patch
  - CVE-2010-3908.patch
  - CVE-2010-4704.patch
  - CVE-2011-0480.patch
  - CVE-2011-0722.patch
  - CVE-2011-0723.patch
  - CVE-2011-2161.patch
  - CVE-2011-3362.patch
  - CVE-2011-3504.patch
  - CVE-2011-4351.patch
  - CVE-2011-4353.patch
  - CVE-2011-4364.patch
  - CVE-2011-4579.patch

19. By Gauvain Pocentek on 2012-01-07

* Merge from lucid-security.
* debian/control:
  - update maintainer
  - update uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support lp: #490227
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: denial of service and possible code execution via
  malformed Matroska file
  - debian/patches/CVE-2011-3504.patch: verify memory allocation failures
    in libavformat/matroskadec.c.
  - CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing QDM2 stream
  - debian/patches/CVE-2011-4351.patch: check boundaries in
    libavcodec/qdm2.c.
  - CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing VP5 or VP6 streams
  - debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
    and libavcodec/vp6.c.
  - CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
  malformed VMD file
  - debian/patches/CVE-2011-4364.patch: properly check lengths in
    libavcodec/vmdav.c.
  - CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing svq1 stream
  - debian/patches/CVE-2011-4579.patch: set dimensions after they have
    changed in libavcodec/svq1dec.c.
  - CVE-2011-4579

18. By Gauvain Pocentek on 2011-09-23

* Merge from lucid-security.
* debian/control:
  - update maintainer
  - update uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support lp: #490227
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: denial of service via malformed APE file
  - debian/patches/CVE-2011-2161.patch: make sure there are frames in
    libavformat/ape.c.
  - CVE-2011-2161
* SECURITY UPDATE: arbitrary code execution via malformed CAVS file
  - debian/patches/CVE-2011-3362.patch: validate values in
    libavcodec/cavsdec.c.
  - CVE-2011-3362

17. By Gauvain Pocentek <gauvain@images> on 2011-04-08

put my name in the changelog...

16. By Gauvain Pocentek <gauvain@images> on 2011-04-08

debian/control:
  - update uploaders (remove Guillaume and add myself)

15. By Gauvain Pocentek <gauvain@images> on 2011-04-08

* Merge from lucid-security.
* debian/control:
  - update maintainer and uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support lp: #490227
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* SECURITY UPDATE: arbitrary code execution via crafted flic file
  - debian/patches/CVE-2010-3429.patch: add checks to
    libavcodec/flicvideo.c.
  - CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
  (LP: #690169)
  - debian/patches/CVE-2010-3908.patch: properly calculate size in
    libavcodec/utils.c.
  - CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
  - debian/patches/CVE-2010-4704.patch: validate codebook in
    libavcodec/vorbis_dec.c.
  - CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
  crafted WebM file
  - debian/patches/CVE-2011-0480.patch: check rangebits in
    libavcodec/vorbis_dec.c.
  - CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
  (LP: #690169)
  - debian/patches/CVE-2011-0722.patch: set dimensions in
    libavcodec/rv34.c.
  - CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
  crafted VC1 file (LP: #690169)
  - debian/patches/CVE-2011-0723.patch: fix invalid reads in
    libavcodec/vc1dec.c.
  - CVE-2011-0723

14. By Lionel Le Folgoc on 2010-03-21

releasing version 4:0.5.1-1ubuntu1+medibuntu1

13. By Lionel Le Folgoc on 2010-03-21

* Merge from lucid.
* debian/control:
  - update maintainer and uploaders
  - use our addresses in Vcs-* fields
  - build-depends on libfaac-dev, libopencore-amrnb-dev and
    libopencore-amrwb-dev to add aac encoding and amr support lp: #490227
  - recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
    reports.
* debian/confflags: add detection for opencore-amr.
* merge from 'main' package. Changes
  - build against faad, dirac, libopenjpeg, x264, mp3lame and xvidcore
* merge from debian. remaining changes:
  - don't disable encoders
  - don't build against libfaad, libdirac and libopenjpeg (all in universe)
* new upstream release:
  - clarifies documentation on metadata, Closes: #570050, LP: #501729
  - further security backports, Closes: #570713
* adapt to new versioning scheme
* use '<<' instead of '<' relationship for internal shlib file
* merge changes from ubuntu packaging
* drop wmapro backport again as discussed with upstream. The unrelated
  changes seem too risky for a stable release.
* debian/patches/901-fix-misc-typos.patch: New patch taken from
  upstream GIT (slightly modified) to fix some spelling errors.
* Document our calling of debhelper programs in an odd order in
  debian/rules.
* document some unattributed patches
* enable cpu autodetection in libswscale, Closes: #567725, LP: #386397
* backport wmapro codec from ffmpeg trunk
* tighten build dependency on new x264 package
* add libx264 wrapper backport for ffmpeg 0.5
* install presets in 'libavcodec package' instead of 'ffmpeg' binary,
  see git history for rationale of this change
* Upload to unstable
* Urgency medium because of fixed RC bugs (security issues)