-
Committer:
Bazaar Package Importer
-
Author(s):
William Grant
-
Date:
2008-09-21 14:00:25 UTC
-
Revision ID:
james.westby@ubuntu.com-20080921140025-65enexeritu02wih
Tags: 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2
* SECURITY UPDATE: multiple denials of service and arbitrary code execution
vulnerabilities. (LP: #262705)
- debian/patches/040_CVE-2008-3732.diff: Fix TTA integer handling. Fixes
arbitrary code execution. Patch from upstream git.
- debian/patches/041_CVE-2008-3794.diff: Fix MMS integer handling. Fixes
arbitrary code execution. Patch from upstream git.
- References:
+ http://www.videolan.org/security/sa0807.html
+ CVE-2008-3732
+ CVE-2008-3794