Your message dated Wed, 09 Jan 2013 06:48:03 +0000 with message-id <e1tspsf-0004xc...@franck.debian.org> and subject line Bug#694483: fixed in libav 6:9.1-1 has caused the Debian Bug report #694483, regarding CVEs: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 694483: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libav Version: 0.8.4 Severity: grave Tags: security Justification: user security hole Dear Maintainer, I have here another series of CVEs for ffmpeg/libav: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361 For the last 3 http://technet.microsoft.com/en-us/security/msvr/msvr12-017 claims that they are fixed in ffmpeg 0.11, but the available information on all of them is a bit thin. Thanks for all the good work! AW -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (50, 'unstable'), (40, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.29 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---Source: libav Source-Version: 6:9.1-1 We believe that the bug you reported is fixed in the latest version of libav, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 694...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Reinhard Tartler <siret...@tauware.de> (supplier of updated libav package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 07 Jan 2013 22:42:25 +0100 Source: libav Binary: libav-tools libav-dbg libav-doc libavutil52 libavcodec54 libavdevice53 libavformat54 libavfilter3 libswscale2 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libswscale-dev libavresample-dev libavresample1 libavutil-extra-52 libavcodec-extra-54 libavdevice-extra-53 libavfilter-extra-3 libavformat-extra-54 libswscale-extra-2 Architecture: source amd64 all Version: 6:9.1-1 Distribution: experimental Urgency: low Maintainer: Reinhard Tartler <siret...@debian.org> Changed-By: Reinhard Tartler <siret...@tauware.de> Description: libav-dbg - Debug symbols for Libav related packages libav-doc - Documentation of the Libav API libav-tools - Multimedia player, server, encoder and transcoder libavcodec-dev - Development files for libavcodec libavcodec-extra-54 - Libav codec library (additional codecs) libavcodec54 - Libav codec library libavdevice-dev - Development files for libavdevice libavdevice-extra-53 - Libav device handling library (transitional package) libavdevice53 - Libav device handling library libavfilter-dev - Development files for libavfilter libavfilter-extra-3 - Libav filter library (transitional package) libavfilter3 - Libav video filtering library libavformat-dev - Development files for libavformat libavformat-extra-54 - Libav file format library (transitional package) libavformat54 - Libav file format library libavresample-dev - Development files for libavresample libavresample1 - Libav audo resampling library libavutil-dev - Development files for libavutil libavutil-extra-52 - Libav utility library (transitional package) libavutil52 - Libav utility library libswscale-dev - Development files for libswscale libswscale-extra-2 - Libav video software scaling library (transitional package) libswscale2 - Libav video scaling library Closes: 694483 694657 Changes: libav (6:9.1-1) experimental; urgency=low . [ Jonas Smedegaard ] * Rewrite copyright file using copyright format 1.0. Closes: bug#694657. Thanks to Francesco Poli. * Include CDBS utils.mk, to track future copyright/licensing changes. Build-depend on cdbs. Update README.source. . [ Reinhard Tartler ] * Imported Upstream version 9 - New releases fixes (among others) CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361, Closes: #694483 * drop debian/recordshow.sh * ignore shlib-with-non-pic-code also for libavcodec-extra-54 * make libavcodec54/libavcodec-extra-54 properly conflict/replace each other Checksums-Sha1: 5ca6e6595555145366428debac5ef56312537abc 3432 libav_9.1-1.dsc 991bf50e6a8b3d290bb84b8113f27e758b115471 4062784 libav_9.1.orig.tar.xz 156d04790826e994edae4e3cf769bee2adcac56a 68068 libav_9.1-1.debian.tar.gz 5b43d163d23ba8d9e4053a64fe9ab490b26704a3 3411252 libav-tools_9.1-1_amd64.deb 1a990e022eca164d2dab568190553afb0595f23e 33658064 libav-dbg_9.1-1_amd64.deb 7e5a47e1533bc0a24e1ba6ede60c2090c9fc4002 14034188 libav-doc_9.1-1_all.deb 8146ed3adf7f729d5b3103e2c736f233b569b0bf 105174 libavutil52_9.1-1_amd64.deb c0d67da8544381f87958e51ba868cc57c4785083 2473558 libavcodec54_9.1-1_amd64.deb 372af0a258687edd6d11669ca4df79714f5b3ba5 73246 libavdevice53_9.1-1_amd64.deb 2145f0ce032beee36e0b11c1b63d0fd6334a875d 515074 libavformat54_9.1-1_amd64.deb ac29aed53cef27b58b98850fa3bb85f036b0bc8a 138012 libavfilter3_9.1-1_amd64.deb fd2d4deb51c2826ffb7d59f25f70040dc23dc481 125318 libswscale2_9.1-1_amd64.deb 1d3d3f808687ae4db070dc708c467b38ac121527 150680 libavutil-dev_9.1-1_amd64.deb bd40d21dea687b4bf24bfa161bfee7148b7d92fb 2736570 libavcodec-dev_9.1-1_amd64.deb bcb8d861562385ae12ec92aee233d6b0daaf03a7 75276 libavdevice-dev_9.1-1_amd64.deb dadf8d64b6b7780e9c2c77ea3021e140d6873df6 604236 libavformat-dev_9.1-1_amd64.deb e95bb3f2e2ee62de3818957e7a8b26feea1c042b 161156 libavfilter-dev_9.1-1_amd64.deb 37714f23bc528500d4c5a6481bff5b8fe5bcc32c 136712 libswscale-dev_9.1-1_amd64.deb a8acc4c4567c68f73bd126fe59b12181c184c739 88232 libavresample-dev_9.1-1_amd64.deb 15129c54595392610e563dd415d604e034cf9699 79988 libavresample1_9.1-1_amd64.deb 0c0126799c0f9162a770adea9fbaf8ca71bc498a 48180 libavutil-extra-52_9.1-1_all.deb e68e30ef59937d8d95c7ea4fc4eefe15de21fbbf 2477366 libavcodec-extra-54_9.1-1_amd64.deb 29ce9245a9978b966f720c7b1f86b83e5f64594f 48182 libavdevice-extra-53_9.1-1_all.deb dd13f0229deba4b856fd18645c745ded32505017 48172 libavfilter-extra-3_9.1-1_all.deb db1e8d4da92be3f86a9b4fd4747e6ec56e4c6dc4 48182 libavformat-extra-54_9.1-1_all.deb 18887542d12dbbccf5efd27001c47af3fa917f31 48190 libswscale-extra-2_9.1-1_all.deb Checksums-Sha256: ea42321e5a8229afc69ee75756b4350aa399b0af5117a1867a5cef9dc5447e9a 3432 libav_9.1-1.dsc 549969acacd8b341644ef027a058c2499b2ef2f088f7bf23a49f21d747458741 4062784 libav_9.1.orig.tar.xz 62acbe68cfff70c56ac220cff0a1e29d27daf721a9618f30baed899b4235873c 68068 libav_9.1-1.debian.tar.gz a4d078cdf01a36e7dde0d92189c6bdd4bb74dd992f84e674be877c9e839f004d 3411252 libav-tools_9.1-1_amd64.deb ff9e8b6a98cd4c0ac35ee5ad833f03dfd7600d83c815ac6621e730afb8189ce2 33658064 libav-dbg_9.1-1_amd64.deb e799ca9871f1a145fc6fcc561e46857ebe6d74f3d59246a12835c75a2f30cf75 14034188 libav-doc_9.1-1_all.deb 54cfc9c12a21aebcf8bf367aca76175b05e7ee882cd70dcf0a298cb9934b5f26 105174 libavutil52_9.1-1_amd64.deb 5a466cd41578406fa48181091c7aaac208b8fea0457662bd6e6f98177a552de3 2473558 libavcodec54_9.1-1_amd64.deb e529e700831019127c964186d0b790f115c1503bfc70ac501bfafe9c95d97870 73246 libavdevice53_9.1-1_amd64.deb f21f66b08a2ed64dc41b021f9514b31f3f29b197e07e8fd4d5e373b396e21f89 515074 libavformat54_9.1-1_amd64.deb 5b834dee7c9aa1d917578bd90e80ffa2f54593609eb8077db800d7f512e5759f 138012 libavfilter3_9.1-1_amd64.deb 1efbca0fe13749dd75ac741f95e2e055cc668a11fa4e80ba94e684f98b4267fd 125318 libswscale2_9.1-1_amd64.deb 0b009ce279830a573629ccf895c1f5a54b66d10b36bee2c23cebc34de5562394 150680 libavutil-dev_9.1-1_amd64.deb a7034c9427b929029c6e46b855f968bf1b1d2b70936be411f9b135d65e04bb5a 2736570 libavcodec-dev_9.1-1_amd64.deb e6bbe2fc1db9d2a667bb486440534ed6ec992d6e4346d3223b1ee570ae0d1528 75276 libavdevice-dev_9.1-1_amd64.deb 39364a7c869ae0df5e326ff287bdec33c14e3a41c195e51a180f3c3336956fb5 604236 libavformat-dev_9.1-1_amd64.deb 6cf8d1046f00085771f5f112dea65c8ab88a938750614098a1b293c5404b5b6f 161156 libavfilter-dev_9.1-1_amd64.deb 22977022c5f6b70852e78f128a49550174b40c3b13f80b7946da62a1f10e7514 136712 libswscale-dev_9.1-1_amd64.deb 4f8179ff3d66b254a351c5d6fd0bbfcd10095dc1d482988cd3347b3c47819000 88232 libavresample-dev_9.1-1_amd64.deb 745cff50c3633df56d09b353526e894bb43acba626bf55d336d523d114bd96ae 79988 libavresample1_9.1-1_amd64.deb 124f0023d9a4d4d9fa81ac1ad49737c3661816edc8b9b04bf2bc4be09a062e72 48180 libavutil-extra-52_9.1-1_all.deb 8fbc29498b6c355b60e1526ec2ed7ff06b2c9314552f3d9b8848bef90c91ee93 2477366 libavcodec-extra-54_9.1-1_amd64.deb a64408067ca5d3831bab3de94a9e7f9f717a74a2fb087f1233bded2db5d9c1a7 48182 libavdevice-extra-53_9.1-1_all.deb d6a4dd93d38f78acfed92973ec58c5d0b224309da325813aa260a7c9dbe1c50c 48172 libavfilter-extra-3_9.1-1_all.deb 6139fbe713dbe0b7ebdc4154179b7c9ba00f9f29a40f606289165f6667712814 48182 libavformat-extra-54_9.1-1_all.deb 2ae52dd8b91e576a37a592aea66b27d8fd2a6912c8b31294d0a89696aad1b0e5 48190 libswscale-extra-2_9.1-1_all.deb Files: a34391f104611301039e42761a0e4f1d 3432 libs optional libav_9.1-1.dsc 6c70d41a452762d16162f4d66120efbe 4062784 libs optional libav_9.1.orig.tar.xz 2b85dd28916a3bbf00cb6f832417c367 68068 libs optional libav_9.1-1.debian.tar.gz f4d2550b8e964627175a00dd3ebde1c4 3411252 video optional libav-tools_9.1-1_amd64.deb 9122bb1d4dcacf61b74ecd66d002a0c2 33658064 debug extra libav-dbg_9.1-1_amd64.deb d0e79b8e2a2ce98b3d7e778648260d4e 14034188 doc optional libav-doc_9.1-1_all.deb 8d22bf49996a6dc98a3ee9d6aa53e965 105174 libs optional libavutil52_9.1-1_amd64.deb 6e13e13e6fa39ac5491426ecf7479afc 2473558 libs optional libavcodec54_9.1-1_amd64.deb a90e262efd68308a8440401b92d8d4fa 73246 libs optional libavdevice53_9.1-1_amd64.deb 2bb3390a6ee54be244dfb9bd53a96aa6 515074 libs optional libavformat54_9.1-1_amd64.deb 1864d79ed1eeeea825bb2e159cd3b832 138012 libs optional libavfilter3_9.1-1_amd64.deb d0cc9537821ce2d660b72788eda39f35 125318 libs optional libswscale2_9.1-1_amd64.deb cb77c3b99bb66c5358a2b5c3566be7fe 150680 libdevel optional libavutil-dev_9.1-1_amd64.deb cac1ea713ea765140deee008905e3764 2736570 libdevel optional libavcodec-dev_9.1-1_amd64.deb 546dd6325fa66526794bf468bfd72c43 75276 libdevel optional libavdevice-dev_9.1-1_amd64.deb ad64dd638dc5c20ebb28988dc5f287aa 604236 libdevel optional libavformat-dev_9.1-1_amd64.deb 84651f821c2c337fc051f509c82405e8 161156 libdevel optional libavfilter-dev_9.1-1_amd64.deb 8d4e45343e20371d5f2ff6539a9d228f 136712 libdevel optional libswscale-dev_9.1-1_amd64.deb f998162a8c06172025141843fb2d3ea1 88232 libdevel optional libavresample-dev_9.1-1_amd64.deb 88f2c9f3cac115790c079f3c44082c8c 79988 libs optional libavresample1_9.1-1_amd64.deb 9fb0a4da99d9af5ba644bf8965caa09c 48180 oldlibs extra libavutil-extra-52_9.1-1_all.deb 17fcfcbf8304353d3975fc3f8bbf8c48 2477366 libs optional libavcodec-extra-54_9.1-1_amd64.deb 0fc0129f97a801ccf5141f92aae0cf06 48182 oldlibs extra libavdevice-extra-53_9.1-1_all.deb 7dd8d82fae7f16f6b4510bceb49cd7f2 48172 oldlibs extra libavfilter-extra-3_9.1-1_all.deb b225117a25a8a744be5eee586eaaf61d 48182 oldlibs extra libavformat-extra-54_9.1-1_all.deb 80bc16bc31659ffad9f0f878dee3862b 48190 oldlibs extra libswscale-extra-2_9.1-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Debian Powered! iEYEARECAAYFAlDtDRkACgkQmAg1RJRTSKSwvwCdGRsz43GEWMjHBGWcuuSETu4H 3/sAnjA0+sG5spC/hiCnTktggtXbSW+5 =cE85 -----END PGP SIGNATURE-----
--- End Message ---
