This bug was fixed in the package ffmpeg - 7:2.7.6-0ubuntu0.15.10.1
---
ffmpeg (7:2.7.6-0ubuntu0.15.10.1) wily-security; urgency=medium
* Import new upstream bugfix release 2.7.6.
- Fixes CVE-2016-2213. (LP: #1541622)
* Use ubuntu versions for debian-tag in gbp.conf.
--
Thanks for the debdiff! Yes, you can skip vivid and 2.5.x.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622
Title:
FFmpeg security fixes February 2016
To manage notifications about this bug
Attached is a debdiff. (git repo is at [1])
Testing performed (in a wily chroot):
* build including test suite works
* installation works
* upgrade works
* autopkgtests pass
1: https://anonscm.debian.org/cgit/pkg-multimedia/ffmpeg.git/log/?h=wily
** Patch added: "debdiff for 2.7.6"
As I understand it vivid will be EOL'ed tomorrow, so I don't think it'll need
an update for this.
However, I could prepare a debdiff for 2.5.11 if that would be useful.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The attachment "debdiff for 2.7.6" seems to be a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. If the attachment isn't a
patch, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if
Thanks for the debdiff! The debian/changelog hunk was somehow malformed
and had a slight typo but those were easy fixes. The update is building
in the security PPA and I plan to release it in the morning.
** Changed in: ffmpeg (Ubuntu)
Status: New => Confirmed
** Changed in: ffmpeg