touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #00288
[Bug 1341216] [NEW] Libav security fixes Jul 2014
Public bug reported:
trusty should get Libav 9.14:
version 9.14:
- adpcm: Write the proper predictor in trellis mode in IMA QT
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
- Check if an mp3 header is using a reserved sample rate
- lzo: Handle integer overflow (bug/704)
- avconv: make -shortest work with streamcopy
The lzo issue is claimed to be exploitable (remote code execution) on
i386.
** Affects: libav (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1341216
Title:
Libav security fixes Jul 2014
Status in “libav” package in Ubuntu:
New
Bug description:
trusty should get Libav 9.14:
version 9.14:
- adpcm: Write the proper predictor in trellis mode in IMA QT
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
- Check if an mp3 header is using a reserved sample rate
- lzo: Handle integer overflow (bug/704)
- avconv: make -shortest work with streamcopy
The lzo issue is claimed to be exploitable (remote code execution) on
i386.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1341216/+subscriptions
Follow ups
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Reinhard Tartler, 2014-08-09
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Launchpad Bug Tracker, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Launchpad Bug Tracker, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Launchpad Bug Tracker, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Launchpad Bug Tracker, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Marc Deslauriers, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Reinhard Tartler, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Marc Deslauriers, 2014-07-15
-
[Bug 1341216] Re: Libav security fixes Jul 2014
From: Reinhard Tartler, 2014-07-13
-
[Bug 1341216] [NEW] Libav security fixes Jul 2014
From: Reinhard Tartler, 2014-07-12
References