-
Committer:
Gauvain Pocentek
-
Date:
2012-01-07 14:57:21 UTC
-
mfrom:
(5.1.18 maverick-security)
-
Revision ID:
gauvain@pocentek.net-20120107145721-eqmaacn841zdrfi4
* Merge from maverick-security.
* debian/control:
- update maintainer and uploaders
- use our addresses in Vcs-* fields
- build-depends on libfaac-dev, libopencore-amrnb-dev and
libopencore-amrwb-dev to add aac encoding and amr support lp: #490227
- recommends apport-hooks-medibuntu for lib*-extra-* to catch all bug
reports.
* SECURITY UPDATE: denial of service and possible code execution via
malformed Matroska file
- debian/patches/CVE-2011-3504.patch: verify memory allocation failures
in libavformat/matroskadec.c.
- CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- debian/patches/CVE-2011-4351.patch: check boundaries in
libavcodec/qdm2.c.
- CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP3 stream
- debian/patches/CVE-2011-4352.patch: check coefficient index in
libavcodec/vp3.c.
- CVE-2011-4352
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
and libavcodec/vp6.c.
- CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- debian/patches/CVE-2011-4364.patch: properly check lengths in
libavcodec/vmdav.c.
- CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- debian/patches/CVE-2011-4579.patch: set dimensions after they have
changed in libavcodec/svq1dec.c.
- CVE-2011-4579