** Changed in: libav (Ubuntu Oneiric)
Status: Confirmed => Invalid
** Changed in: libav (Ubuntu Lucid)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1163354
Title:
March 2013 libav security tracking bug
Status in “libav” package in Ubuntu:
Fix Released
Status in “libav” source package in Lucid:
Invalid
Status in “libav” source package in Oneiric:
Invalid
Status in “libav” source package in Precise:
Fix Released
Status in “libav” source package in Quantal:
Fix Released
Status in “libav” source package in Raring:
Fix Released
Bug description:
This is a bug to track the March 2013 libav security updates:
0.8.6:
h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
iff: validate CMAP palette size (CVE-2013-2495)
msrledec: convert to bytestream2 API and add proper bounds checking
(CVE-2013-2496)
vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1163354/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
