-
Committer:
Bazaar Package Importer
-
Author(s):
Reinhard Tartler
-
Date:
2011-03-06 18:02:34 UTC
-
mfrom:
(0.1.14 upstream)
-
Revision ID:
james.westby@ubuntu.com-20110306180234-w5e9gx9jts1i2375
Tags: 4:0.5.4-1
* New upstream release. New releases fixes:
- Fix memory corruption in WMV parsing
(addresses CVE-2010-3908, LP: #690169)
- Fix heap corruption crashes (addresses CVE-2011-0722)
- Fix crashes in Vorbis decoding found by zzuf (addresses CVE-2010-4704,
Closes: #611495)
- Fix another crash in Vorbis decoding (addresses CVE-2011-0480,
Chrome issue 68115)
- Fix invalid reads in VC-1 decoding (related to CVE-2011-0723)
- Do not attempt to decode APE file with no frames (fixes DoS)
* drop fix-CVE-2010-3429.patch, applied upstream