Package "libavcodec-extra-54"

  libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Updated to 9.20 to fix various crashes with
    invalid-free, corrupted double-linked list or out-of-bounds read
    (LP: #1643467)
    - No CVE number

 -- Marc Deslauriers <email address hidden> Wed, 07 Dec 2016 15:36:50 -0500

  libav (6:9.18-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Update to 9.18 to fix multiple security issues (LP: #1432610,
    LP: #1370175)
    - CVE-2013-7020
    - CVE-2014-8542
    - CVE-2014-8543
    - CVE-2014-8544
    - CVE-2014-8547
    - CVE-2014-8548
    - CVE-2014-9604
 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 08:16:54 -0400

  libav (6:9.16-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * New upstream release 9.14:
    - vp3: Copy all 3 frames for thread updates (CVE-2011-3934)
    - mpegts: Do not try to write a PMT larger than SECTION_SIZE (CVE-2014-2263)
    - mpegts: Define the section length with a constant
    - error_concealment: avoid using the picture if not fully setup (CVE-2013-0860)
    - svq1: do not modify the input packet
    - cdgraphics: do not return 0 from the decode function
    - cdgraphics: switch to bytestream2 (CVE-2013-3674)
    - huffyuvdec: check width size for yuv422p (CVE-2013-0848)
    - mmvideo: check horizontal coordinate too (CVE-2013-3672)
    - wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
    - lavc: Check the image size before calling get_buffer (CVE-2011-3935)
    - huffyuv: Check and propagate function return values (CVE-2013-0868)
    - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
    - h264_sei: check SEI size
    - pgssubdec: Check RLE size before copying (CVE-2013-0852)
    - fate: Add dependencies for dct/fft/mdct/rdft tests
    - video4linux2: Avoid a floating point exception
    - vf_select: Drop a debug av_log with an unchecked double to enum conversion
    - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
 -- Reinhard Tartler <email address hidden> Sat, 09 Aug 2014 19:50:43 -0400

  libav (6:9.14-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * New upstream release 9.14:
    - Many security fixes issues LP: #1341216
    - adpcm: Write the proper predictor in trellis mode in IMA QT
    - adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
    - Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
    - Check if an mp3 header is using a reserved sample rate
    - lzo: Handle integer overflow (bug/704)
    - avconv: make -shortest work with streamcopy
  * Drop broken dpkg-maintscript, LP: #1315672
 -- Reinhard Tartler <email address hidden> Sat, 12 Jul 2014 18:33:45 -0400

  libav (6:9.13-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Merge from unstable, remaining changes:
    - build-depend on libtiff5-dev rather than libtiff4-dev,
      avoids FTBFS caused by imlib
  * New upstream release 9.13:
    - Many security fixes issues LP: #1277173
    - swscale: Fix an undefined behaviour
    - matroska: add the Opus mapping
    - mp3enc: Properly write bitrate value in XING header (Closes: #736088)
    - origin/pu/9 oggdec: add support for Opus in Ogg demuxing
      (Fixes: libav/603, Closes: #720563)
    - apedec: do not buffer decoded samples over AVPackets (Closes: #744901)
    - isom: lpcm in mov default to big endian
    - movdec: handle 0x7fff langcode as macintosh per the specs
    - h264: reset next_output_pic earlier in start_frame()
      (Fixes: libav/672, Closes: #741240, LP: #1288206)
    - rtmpproto: Make sure to pass on the error code if read_connect failed
    - lavr: allocate the resampling buffer with a positive size
    - tiffdec: use bytestream2 to simplify overread/overwrite protection
    - resample: fix avresample_get_delay() return value
    - avi: Improve non-interleaved detection (Fixes: libav/666)
    - af_channelmap: fix ONE_STR mapping mode
    - movenc: allow override of "writing application" tag
    - matroskaenc: allow override of "writing application" tag
    - avfilter: Add missing emms_c when needed
    - build: Use pkg-config for openjpeg (Fixes: libav/387)
    - mpeg12: check scantable indices in all decode_block functions
    - sgidec: fix buffer size check in expand_rle_row()
    - adx: check that the offset is not negative
    - mpegvideo: set reference/pict_type on generated reference frames
    - h264: Fix various crashes found in samples pointed by Mateusz
    "j00ru" Jurczyk and Gynvael Coldwind - Thanks!
  * Rebuild is reported to fix vaapi, Closes: #745655
  * Fix invocation of dpkg-maintscript helper, LP: #1315672
  * cleanup leftovers of the former libav-source package
  * Simplify listing packages with dh_listpackage
  * Drop transitional arch:all -extra- packages
  * Bump standards version to 3.9.5, no changes needed