[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-04 Thread Launchpad Bug Tracker 
This bug was fixed in the package ffmpeg - 7:2.7.6-0ubuntu0.15.10.1

---
ffmpeg (7:2.7.6-0ubuntu0.15.10.1) wily-security; urgency=medium

  * Import new upstream bugfix release 2.7.6.
 - Fixes CVE-2016-2213. (LP: #1541622)
  * Use ubuntu versions for debian-tag in gbp.conf.

 -- Andreas Cadhalpun   Wed, 03 Feb
2016 23:38:37 +0100

** Changed in: ffmpeg (Ubuntu)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2213

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-03 Thread Marc Deslauriers 
Thanks for the debdiff! Yes, you can skip vivid and 2.5.x.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-03 Thread Andreas Cadhalpun 
Attached is a debdiff. (git repo is at [1])

Testing performed (in a wily chroot):
 * build including test suite works
 * installation works
 * upgrade works
 * autopkgtests pass

1: https://anonscm.debian.org/cgit/pkg-multimedia/ffmpeg.git/log/?h=wily

** Patch added: "debdiff for 2.7.6"
   
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+attachment/4563274/+files/ffmpeg_2.7.6.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-03 Thread Andreas Cadhalpun 
As I understand it vivid will be EOL'ed tomorrow, so I don't think it'll need 
an update for this.
However, I could prepare a debdiff for 2.5.11 if that would be useful.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-03 Thread Ubuntu Foundations Team Bug Bot 
The attachment "debdiff for 2.7.6" seems to be a debdiff.  The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff.  If the attachment isn't a
patch, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe
the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issue please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1541622] Re: FFmpeg security fixes February 2016

2016-02-03 Thread Tyler Hicks 
Thanks for the debdiff! The debian/changelog hunk was somehow malformed
and had a slight typo but those were easy fixes. The update is building
in the security PPA and I plan to release it in the morning.

** Changed in: ffmpeg (Ubuntu)
   Status: New => Confirmed

** Changed in: ffmpeg (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1541622

Title:
   FFmpeg security fixes February 2016

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs