This bug was fixed in the package libav - 6:9.14-0ubuntu0.14.04.1
---------------
libav (6:9.14-0ubuntu0.14.04.1) trusty-security; urgency=medium
* New upstream release 9.14:
- Many security fixes issues LP: #1341216
- adpcm: Write the proper predictor in trellis mode in IMA QT
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
- Check if an mp3 header is using a reserved sample rate
- lzo: Handle integer overflow (bug/704)
- avconv: make -shortest work with streamcopy
* Drop broken dpkg-maintscript, LP: #1315672
-- Reinhard Tartler <siret...@tauware.de> Sat, 12 Jul 2014 18:33:45 -0400
** Changed in: libav (Ubuntu Trusty)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1341216
Title:
Libav security fixes Jul 2014
Status in “libav” package in Ubuntu:
Fix Committed
Status in “libav” source package in Precise:
In Progress
Status in “libav” source package in Saucy:
In Progress
Status in “libav” source package in Trusty:
Fix Released
Status in “libav” source package in Utopic:
Fix Committed
Bug description:
trusty should get Libav 9.14:
version 9.14:
- adpcm: Write the proper predictor in trellis mode in IMA QT
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
- Check if an mp3 header is using a reserved sample rate
- lzo: Handle integer overflow (bug/704)
- avconv: make -shortest work with streamcopy
The lzo issue is claimed to be exploitable (remote code execution) on
i386.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1341216/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
