>> Package: libavformat52 >> Version: 0.svn20080206-11 >> Severity: grave >> Tags: security >> Justification: user security hole >> >> ubuntu just updated their libavformat packages to patch a problem with >> STR file demuxing [1]. does this problem apply to debian as well? the >> CVE number is CVE-2008-3162 [2]. >> >> [1] http://www.ubuntu.com/usn/usn-630-1 >> [2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
> Thanks for your report but this bug is a clear dupe of #489965. ok, i appologize, i did a quick scan of bugs in libavformat, and somehow missed this. there has not been a DSA to fix this problem in stable. is the libavformat0d package vulnerable there? and if so, why isn't the issue being tracked [1]? [1] http://security-tracker.debian.net/tracker/status/release/stable -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]