libssh (0.4.2-1ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via NULL dereference
- debian/patches/CVE-2013-0176.patch: properly handle client that
doesn't send a matching key in libssh/server.c.
- CVE-2013-0176
Date: 2013-01-25 19:20:11.771812+00:00
libssh (0.4.2-1ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via NULL dereference
- debian/patches/CVE-2013-0176.patch: properly handle client that
doesn't send a matching key in libssh/server.c.
- CVE-2013-0176
Date: 2013-01-25 19:20:11.771812+00:00
ffmpeg-extra (4:0.5.9-0ubuntu0.10.04.3) lucid-security; urgency=low
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/CVE-2012-2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerabil
ffmpeg (4:0.5.9-0ubuntu0.10.04.3) lucid-security; urgency=low
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/CVE-2012-2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerability in
ffmpeg-extra (4:0.5.9-0ubuntu0.10.04.3) lucid-security; urgency=low
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/CVE-2012-2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerabil
ffmpeg (4:0.5.9-0ubuntu0.10.04.3) lucid-security; urgency=low
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/CVE-2012-2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerability in
portmidi (1:200-0ubuntu1.10.04.1) lucid-proposed; urgency=low
* debian/patches/11-pmlinuxalsa.patch:
- Avoid SIGSEGV when it receives data for devices which
might have already been closed. (LP: #1073484)
- Fix some other pointer issues:
+ alsa_in_close() didn't clear midi-des
