-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libav Version : 6:0.8.19-0+deb7u1 CVE ID : CVE-2016-7424
Multiple vulnerabilities have been found in libav: CVE-2016-7424 The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. (No CVE assigned) The h264 codec is vulnerable to various crashes with invalid-free, corrupted double-linked list or out-of-bounds read. For Debian 7 "Wheezy", these problems have been fixed in version 6:0.8.19-0+deb7u1. We recommend that you upgrade your libav packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlh3nPUACgkQrJCsPsUk Bl4hRg/+NkD5YCrteRs5rNI/hSvBj1BSwX2Y1ehPPhiPpWyGbBRRYHfGrt7axRjV EGDdxWOThPU50YgJiDxwXWVCu08jwpBRqVgvGb1uNbNtg4R1QvANa+GAHwzNXA3t AVnREiPLucFllpAUOLmmJj5DDMU02caiI/fNDdS6XyCMMTFKp45rw4/imImO8POn aMzTZRdcnui3HhzspWRawCeX4y3cz62fkUpexVKq+MgoBZkG/FXaNYBQFdQatlYh whMLlmi0EzAB6Zi9jPjw/caMr6Eh2jMPpNJVJUd8s6rlatpuwykzXVPhD9y/vnbM NEMUIejN73UEogvb7+qscSWrFynOm52C1/JJQPN2fpfEo+yHxU9APMR3DyvIC1rI qf/X0AM7BHaOiyw4B/FObVnBAjyiBhC1aaoLQUhzDdzqSeCNncDASK4JoiKTunDP 9dZ/svul/kvDl30GTnrgAbjUKq6BldQQda3NCfrcreqhsCdRzwTO0wxpcEnW/LCx vC6T3tJZ0DE90aeXsJjX7d/X8uMYD5/ivMxLARtReaxyNkF8n6Oc0oe65BT6XevT TUcLSVr2+NccsfA2Ln9P668eDazmmD5ZEyvl4lpVUD+2ygC8UsUTHI4PGs9FamYc wmyQwBQOVgJRDCsVNzI3QUZMyd3runXZH6dD99jC/nekdbSfjaU= =4jor -----END PGP SIGNATURE-----