[Bug 1541622] Re: FFmpeg security fixes February 2016
This bug was fixed in the package ffmpeg - 7:2.7.6-0ubuntu0.15.10.1 --- ffmpeg (7:2.7.6-0ubuntu0.15.10.1) wily-security; urgency=medium * Import new upstream bugfix release 2.7.6. - Fixes CVE-2016-2213. (LP: #1541622) * Use ubuntu versions for debian-tag in gbp.conf. -- Andreas CadhalpunWed, 03 Feb 2016 23:38:37 +0100 ** Changed in: ffmpeg (Ubuntu) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2213 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1541622] Re: FFmpeg security fixes February 2016
Thanks for the debdiff! Yes, you can skip vivid and 2.5.x. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1541622] Re: FFmpeg security fixes February 2016
Attached is a debdiff. (git repo is at [1]) Testing performed (in a wily chroot): * build including test suite works * installation works * upgrade works * autopkgtests pass 1: https://anonscm.debian.org/cgit/pkg-multimedia/ffmpeg.git/log/?h=wily ** Patch added: "debdiff for 2.7.6" https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+attachment/4563274/+files/ffmpeg_2.7.6.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1541622] Re: FFmpeg security fixes February 2016
As I understand it vivid will be EOL'ed tomorrow, so I don't think it'll need an update for this. However, I could prepare a debdiff for 2.5.11 if that would be useful. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1541622] Re: FFmpeg security fixes February 2016
The attachment "debdiff for 2.7.6" seems to be a debdiff. The ubuntu- sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1541622] Re: FFmpeg security fixes February 2016
Thanks for the debdiff! The debian/changelog hunk was somehow malformed and had a slight typo but those were easy fixes. The update is building in the security PPA and I plan to release it in the morning. ** Changed in: ffmpeg (Ubuntu) Status: New => Confirmed ** Changed in: ffmpeg (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1541622 Title: FFmpeg security fixes February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1541622/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs