Package "libavutil49"
| Name: |
libavutil49
|
Description: |
ffmpeg utility library
This is the common utility library from the ffmpeg project. It is required
by all other ffmpeg libraries.
This package contains a Debian-specific version of the libavutil shared
object that should only be used by Debian packages.
|
| Latest version: |
4:0.5.9-0ubuntu0.10.04.3 |
| Release: |
lucid (10.04) |
| Level: |
security |
| Repository: |
main |
| Head package: |
ffmpeg |
| Homepage: |
http://ffmpeg.org/ |
Links
Save this URL for the latest version of "libavutil49":
http://www.ubuntuupdates.org/libavutil49
Download "libavutil49"
Other versions of "libavutil49" in Lucid
Change Log
| Version: 4:0.5.9-0ubuntu0.10.04.3
|
2013-01-28 15:06:33 UTC
|
|
ffmpeg (4:0.5.9-0ubuntu0.10.04.3) lucid-security; urgency=low
* SECURITY UPDATE: unspecified security issue in vp56.c (LP: #1104019)
- debian/patches/CVE-2012-2783.patch: release frames on error in
libavcodec/vp56.c.
- CVE-2012-2783
* SECURITY UPDATE: double free vulnerability in mpeg_decode_frame
- debian/patches/CVE-2012-2803.patch: do not decode extradata more than
once in libavcodec/mpeg12.c.
- CVE-2012-2803
-- Marc Deslauriers <email address hidden> Thu, 24 Jan 2013 13:48:47 -0500
|
| Source diff to previous version |
| 1104019 |
January 2013 libav security tracking bug |
| CVE-2012-2783 |
Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to "freeing the returned frame." |
| CVE-2012-2803 |
Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11 has unknown impact and attack vectors, relat |
|
| Version: 4:0.5.9-0ubuntu0.10.04.2
|
2012-12-19 14:07:05 UTC
|
|
ffmpeg (4:0.5.9-0ubuntu0.10.04.2) lucid-security; urgency=low
* SECURITY UPDATE: security issues in decode_pic
- debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in
libavcodec/cavsdec.c.
- CVE-2012-2777
- CVE-2012-2784
* SECURITY UPDATE: out of array read in avi_read_packet function
- debian/patches/CVE-2012-2788.patch: use accurate size in
libavformat/avidec.c.
- CVE-2012-2788
* SECURITY UPDATE: out of array writes in avs.c
- debian/patches/CVE-2012-2801.patch: force dimensions in
libavcodec/avs.c.
- CVE-2012-2801
-- Marc Deslauriers <email address hidden> Tue, 18 Dec 2012 10:52:37 -0500
|
| Source diff to previous version |
| CVE-2012-2777 |
Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to |
| CVE-2012-2784 |
Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to |
| CVE-2012-2788 |
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11 has unknown impact and attack vectors, relate |
| CVE-2012-2801 |
Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to dimensions and "out of array wr |
|
| Version: 4:0.5.9-0ubuntu0.10.04.1
|
2012-06-18 14:06:40 UTC
|
|
ffmpeg (4:0.5.9-0ubuntu0.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: Updated to libav 0.5.9 to fix multiple security
issues. (LP: #1012132)
- CVE-2011-3929
- CVE-2011-3936
- CVE-2011-3940
- CVE-2011-3947
- CVE-2011-3951
- CVE-2011-3952
- CVE-2012-0851
- CVE-2012-0852
- CVE-2012-0853
- CVE-2012-0858
- CVE-2012-0859
- CVE-2012-0947
* Removed upstreamed patches:
- CVE-2010-3429.patch
- CVE-2010-3908.patch
- CVE-2010-4704.patch
- CVE-2011-0480.patch
- CVE-2011-0722.patch
- CVE-2011-0723.patch
- CVE-2011-2161.patch
- CVE-2011-3362.patch
- CVE-2011-3504.patch
- CVE-2011-4351.patch
- CVE-2011-4353.patch
- CVE-2011-4364.patch
- CVE-2011-4579.patch
-- Marc Deslauriers <email address hidden> Tue, 12 Jun 2012 09:14:53 -0400
|
| Source diff to previous version |
|
|
| Version: 4:0.5.1-1ubuntu1.3
|
2012-01-05 16:02:32 UTC
|
|
ffmpeg (4:0.5.1-1ubuntu1.3) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed Matroska file
- debian/patches/CVE-2011-3504.patch: verify memory allocation failures
in libavformat/matroskadec.c.
- CVE-2011-3504
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- debian/patches/CVE-2011-4351.patch: check boundaries in
libavcodec/qdm2.c.
- CVE-2011-4351
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- debian/patches/CVE-2011-4353.patch: check indexes in libavcodec/vp5.c
and libavcodec/vp6.c.
- CVE-2011-4353
* SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- debian/patches/CVE-2011-4364.patch: properly check lengths in
libavcodec/vmdav.c.
- CVE-2011-4364
* SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- debian/patches/CVE-2011-4579.patch: set dimensions after they have
changed in libavcodec/svq1dec.c.
- CVE-2011-4579
-- Marc Deslauriers Wed, 21 Dec 2011 11:30:09 -0500
|
| Source diff to previous version |
|
|
| Version: 4:0.5.1-1ubuntu1.2
|
2011-09-19 19:01:54 UTC
|
|
ffmpeg (4:0.5.1-1ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via malformed APE file
- debian/patches/CVE-2011-2161.patch: make sure there are frames in
libavformat/ape.c.
- CVE-2011-2161
* SECURITY UPDATE: arbitrary code execution via malformed CAVS file
- debian/patches/CVE-2011-3362.patch: validate values in
libavcodec/cavsdec.c.
- CVE-2011-3362
-- Marc Deslauriers Fri, 16 Sep 2011 09:45:12 -0400
|
| CVE-2011-2161 |
The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows |
| CVE-2011-3362 |
libavcodec insufficient boundary check in CAVS |
|
