libav is no longer packaged for Wily. ** No longer affects: libav (Ubuntu)
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libav in Ubuntu. https://bugs.launchpad.net/bugs/1432610 Title: Libav security fixes March 2015 Status in libav source package in Precise: Fix Released Status in libav source package in Trusty: Fix Released Status in libav source package in Utopic: Won't Fix Status in libav source package in Vivid: Confirmed Bug description: Libav 0.8.17, 9.18 and 11.3 are out that fix a number of security issues. version 0.8.17: - utvideodec: Handle slice_height being zero (CVE-2014-9604) - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - rmenc: limit packet size - eamad: check for out of bounds read (CID/1257500) - h264_cabac: Break infinite loops - matroskadec: Fix read-after-free in matroska_read_seek() (chromium/427266) - gifdec: refactor interleave end handling (CVE-2014-8547) - smc: fix the bounds check (CVE-2014-8548) - mmvideo: check frame dimensions (CVE-2014-8543) - jvdec: check frame dimensions (CVE-2014-8542) - mov: avoid a memleak when multiple stss boxes are present - apetag: Fix APE tag size check - x86: Only use optimizations with cmov if the CPU supports the instruction - x86: Add CPU flag for the i686 cmov instruction version 9.18: - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - utvideodec: Handle slice_height being zero (CVE-2014-9604) - rmenc: limit packet size - rv10: check size of s->mb_width * s->mb_height - eamad: check for out of bounds read (CID/1257500) - arm: Suppress tags about used cpu arch and extensions - img2dec: correctly use the parsed value from -start_number - h264_cabac: Break infinite loops - matroskadec: Fix read-after-free in matroska_read_seek() (chromium/427266) - smc: fix the bounds check (CVE-2014-8548) - gifdec: refactor interleave end handling (CVE-2014-8547) - mmvideo: check frame dimensions (CVE-2014-8543) - jvdec: check frame dimensions (CVE-2014-8542) - mov: avoid a memleak when multiple stss boxes are present - mp3enc: fix a triggerable assert - apetag: Fix APE tag size check version 11.3: - utvideodec: Handle slice_height being zero (CVE-2014-9604) - adxdec: set avctx->channels in adx_read_header - rmenc: limit packet size - webp: validate the distance prefix code - rv10: check size of s->mb_width * s->mb_height - eamad: check for out of bounds read (CID/1257500) - mdec: check for out of bounds read (CID/1257501) - configure: Properly fail when libcdio/cdparanoia is not found - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - aic: Fix decoding files with odd dimensions - vorbis: Check the vlc value in setup_classifs - arm: Suppress tags about used cpu arch and extensions - prores: Extend the padding check to 16bit - icecast: Do not use chunked post, allows feeding to icecast properly - img2dec: correctly use the parsed value from -start_number - h264_cabac: Break infinite loops - hevc_deblock: Fix compilation with nasm (libav #795) - h264: initialize H264Context.avctx in init_thread_copy - h264: Do not share rbsp_buffer across threads - h264: only ref cur_pic in update_thread_context if it is initialized - matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266) - log: Unbreak no-tty support on 256color terminals To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/precise/+source/libav/+bug/1432610/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp