lp:ubuntu/lucid-updates/ffmpeg
- Get this branch:
- bzr branch lp:ubuntu/lucid-updates/ffmpeg
Branch merges
Branch information
Recent revisions
- 48. By Marc Deslauriers
-
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/ CVE-2012- 2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerability in mpeg_decode_frame
- debian/patches/ CVE-2012- 2803.patch: do not decode extradata more than
once in libavcodec/mpeg12. c.
- CVE-2012-2803 - 47. By Marc Deslauriers
-
* SECURITY UPDATE: security issues in decode_pic
- debian/patches/ CVE-2012- 2777-2784. patch: prevent changing w/h in
libavcodec/cavsdec. c.
- CVE-2012-2777
- CVE-2012-2784
* SECURITY UPDATE: out of array read in avi_read_packet function
- debian/patches/ CVE-2012- 2788.patch: use accurate size in
libavformat/avidec. c.
- CVE-2012-2788
* SECURITY UPDATE: out of array writes in avs.c
- debian/patches/ CVE-2012- 2801.patch: force dimensions in
libavcodec/avs.c.
- CVE-2012-2801 - 46. By Marc Deslauriers
-
* SECURITY UPDATE: Updated to libav 0.5.9 to fix multiple security
issues. (LP: #1012132)
- CVE-2011-3929
- CVE-2011-3936
- CVE-2011-3940
- CVE-2011-3947
- CVE-2011-3951
- CVE-2011-3952
- CVE-2012-0851
- CVE-2012-0852
- CVE-2012-0853
- CVE-2012-0858
- CVE-2012-0859
- CVE-2012-0947
* Removed upstreamed patches:
- CVE-2010-3429.patch
- CVE-2010-3908.patch
- CVE-2010-4704.patch
- CVE-2011-0480.patch
- CVE-2011-0722.patch
- CVE-2011-0723.patch
- CVE-2011-2161.patch
- CVE-2011-3362.patch
- CVE-2011-3504.patch
- CVE-2011-4351.patch
- CVE-2011-4353.patch
- CVE-2011-4364.patch
- CVE-2011-4579.patch - 45. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
malformed Matroska file
- debian/patches/ CVE-2011- 3504.patch: verify memory allocation failures
in libavformat/matroskadec. c.
- CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- debian/patches/ CVE-2011- 4351.patch: check boundaries in
libavcodec/qdm2.c.
- CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- debian/patches/ CVE-2011- 4353.patch: check indexes in libavcodec/vp5.c
and libavcodec/vp6.c.
- CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- debian/patches/ CVE-2011- 4364.patch: properly check lengths in
libavcodec/vmdav.c.
- CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- debian/patches/ CVE-2011- 4579.patch: set dimensions after they have
changed in libavcodec/svq1dec. c.
- CVE-2011-4579 - 44. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via malformed APE file
- debian/patches/ CVE-2011- 2161.patch: make sure there are frames in
libavformat/ape.c.
- CVE-2011-2161
* SECURITY UPDATE: arbitrary code execution via malformed CAVS file
- debian/patches/ CVE-2011- 3362.patch: validate values in
libavcodec/cavsdec. c.
- CVE-2011-3362 - 43. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via crafted flic file
- debian/patches/ CVE-2010- 3429.patch: add checks to
libavcodec/flicvideo. c.
- CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via crafted wmv file
(LP: #690169)
- debian/patches/ CVE-2010- 3908.patch: properly calculate size in
libavcodec/utils.c.
- CVE-2010-3908
* SECURITY UPDATE: denial of service via crafted .ogg file
- debian/patches/ CVE-2010- 4704.patch: validate codebook in
libavcodec/vorbis_ dec.c.
- CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
crafted WebM file
- debian/patches/ CVE-2011- 0480.patch: check rangebits in
libavcodec/vorbis_ dec.c.
- CVE-2011-0480
* SECURITY UPDATE: arbitrary code execution via crafted RealMedia file
(LP: #690169)
- debian/patches/ CVE-2011- 0722.patch: set dimensions in
libavcodec/rv34.c.
- CVE-2011-0722
* SECURITY UPDATE: denial of service and possible code execution via
crafted VC1 file (LP: #690169)
- debian/patches/ CVE-2011- 0723.patch: fix invalid reads in
libavcodec/vc1dec. c.
- CVE-2011-0723 - 42. By Reinhard Tartler
-
* merge from debian. remaining changes:
- don't disable encoders
- don't build against libfaad, libdirac and libopenjpeg (all in universe) - 41. By Reinhard Tartler
-
* tighten build dependency on new x264 package
* add x264 backport for ffmpeg 0.5
* install presets in 'libavcodec package' instead of 'ffmpeg' binary,
see git history for rationale of this change - 40. By Reinhard Tartler
-
* merge from debian, remaining changes:
- dont disable internal encoders
- disabled extra depedencies (come with ffmpeg-extra)
- libdirac
- libopenjpeg
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/ffmpeg