lp:ubuntu/maverick-security/ffmpeg

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

54. By Marc Deslauriers on 2011-12-21

* SECURITY UPDATE: denial of service and possible code execution via
  malformed Matroska file
  - debian/patches/CVE-2011-3504.patch: verify memory allocation failures
    in libavformat/matroskadec.c.
  - CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing QDM2 stream
  - debian/patches/CVE-2011-4351.patch: check boundaries in
    libavcodec/qdm2.c.
  - CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing VP3 stream
  - debian/patches/CVE-2011-4352.patch: check coefficient index in
    libavcodec/vp3.c.
  - CVE-2011-4352
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing VP5 or VP6 streams
  - debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
    and libavcodec/vp6.c.
  - CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
  malformed VMD file
  - debian/patches/CVE-2011-4364.patch: properly check lengths in
    libavcodec/vmdav.c.
  - CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
  malformed file containing svq1 stream
  - debian/patches/CVE-2011-4579.patch: set dimensions after they have
    changed in libavcodec/svq1dec.c.
  - CVE-2011-4579

53. By Marc Deslauriers on 2011-09-16

* SECURITY UPDATE: denial of service and possible code execution via
  malformed OGG file
  - debian/patches/CVE-2011-1196.patch: revalidate index when necessary
    in libavformat/oggdec.c.
  - CVE-2011-1196
* SECURITY UPDATE: denial of service and possible code execution via
  malformed AMV file
  - debian/patches/CVE-2011-1931.patch: don't change flags in
    libavcodec/sp5xdec.c.
  - CVE-2011-1931
* SECURITY UPDATE: denial of service via malformed APE file
  - debian/patches/CVE-2011-2161.patch: make sure there are frames in
    libavformat/ape.c.
  - CVE-2011-2161
* SECURITY UPDATE: arbitrary code execution via malformed CAVS file
  - debian/patches/CVE-2011-3362.patch: validate values in
    libavcodec/cavsdec.c.
  - CVE-2011-3362

52. By Marc Deslauriers on 2011-03-31

* SECURITY UPDATE: denial of service via crafted .ogg file
  - debian/patches/fix-CVE-2010-4704.patch: validate codebook in
    libavcodec/vorbis_dec.c.
  - CVE-2010-4704
* SECURITY UPDATE: denial of service and possible code execution via
  crafted WebM file
  - debian/patches/fix-CVE-2011-0480.patch: check rangebits in
    libavcodec/vorbis_dec.c.
  - CVE-2011-0480
* SECURITY UPDATE: denial of service and possible code execution via
  crafted VC1 file (LP: #690169)
  - debian/patches/fix-CVE-2011-0723.patch: fix invalid reads in
    libavcodec/vc1dec.c.
  - CVE-2011-0723

51. By Reinhard Tartler on 2010-10-05

fix dependency on libswscale-extra-0, LP: #637895

50. By Reinhard Tartler on 2010-10-05

Add flic video patch. Fixes CVE-2010-3429

49. By Matthias Klose on 2010-10-04

Configure with --enable-pic on powerpc. LP: #654666.

48. By Dominic Evans on 2010-09-10

add libxfixes-dev to build-depends, LP: #631103

47. By Reinhard Tartler on 2010-07-11

weaken the dependencies for the -extra package

46. By Reinhard Tartler on 2010-07-11

* merge from debian/experimental. remaining changes:
  - don't disable encoders
  - don't build against libfaad, libdirac, librtmp and libopenjpeg (all in universe)

45. By Reinhard Tartler on 2010-06-16

* merge from debian/experimental. remaining changes:
  - don't disable encoders
  - don't build against libfaad, libdirac and libopenjpeg (all in universe)
* new upstream release
  - internal vorbis encoder is disabled. LP: #585330
  - includes native AMR-NB decoder, LP: #93849
  - api-example is fixed: LP: #557319