[Ubuntustudio-bugs] [Bug 1662513] Re: Update to 9.21 in Trusty
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Changed in: libav (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Studio Bugs, which is subscribed to libav in Ubuntu. Matching subscriptions: Ubuntu Studio Bugs https://bugs.launchpad.net/bugs/1662513 Title: Update to 9.21 in Trusty Status in libav package in Ubuntu: Incomplete Bug description: version 9.21: - mpeg12: move setting first_field to mpeg_field_start() (libav/999) - mpeg12: avoid signed overflow in bitrate calculation (libav/981) - mpegvideo_parser: avoid signed overflow in bitrate calculation (libav/981) - avformat/output-example: Declare link dependency on libswscale in the Makefile - build: output-example: Add avutil to ELIBS in link command To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1662513/+subscriptions -- Mailing list: https://launchpad.net/~ubuntustudio-bugs Post to : ubuntustudio-bugs@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntustudio-bugs More help : https://help.launchpad.net/ListHelp
[Ubuntustudio-bugs] [Bug 1643467] Re: Firefox 50 blocks Ubuntu 12.04 and 14.04 LTS's version of libavcodec
** Changed in: firefox (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Studio Bugs, which is subscribed to libav in Ubuntu. Matching subscriptions: Ubuntu Studio Bugs https://bugs.launchpad.net/bugs/1643467 Title: Firefox 50 blocks Ubuntu 12.04 and 14.04 LTS's version of libavcodec Status in libav: Unknown Status in firefox package in Ubuntu: Fix Released Status in libav package in Ubuntu: Invalid Status in firefox source package in Precise: Fix Released Status in libav source package in Precise: Confirmed Status in firefox source package in Trusty: Fix Released Status in libav source package in Trusty: Fix Released Bug description: Whenever it tries to play a video, Firefox 50 displays this message at the top of every page: "libavcodec may be vulnerable or is not supported, and should be updated to play video" https://dxr.mozilla.org/mozilla-central/source/browser/locales/en- US/chrome/browser/browser.properties?q=%22libavcodec+may+be+vulnerable%22_type=single#742 Firefox refuses any libavcodec version prior to 54.35.1 (unless media.libavcodec.allow-obsolete==true). https://dxr.mozilla.org/mozilla- central/source/dom/media/platforms/ffmpeg/FFmpegLibWrapper.cpp#60 Users should not be subjected to this warning, as it is vague (does not instruct them how to fix it). Ubuntu 14.04 LTS should ship with an updated version of libavcodec. DistroRelease: Ubuntu 14.04 Package: firefox 50.0+build2-0ubuntu0.14.04.2 To manage notifications about this bug go to: https://bugs.launchpad.net/libav/+bug/1643467/+subscriptions -- Mailing list: https://launchpad.net/~ubuntustudio-bugs Post to : ubuntustudio-bugs@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntustudio-bugs More help : https://help.launchpad.net/ListHelp
[Ubuntustudio-bugs] [Bug 1662513] [NEW] Update to 9.21 in Trusty
*** This bug is a security vulnerability *** Public security bug reported: version 9.21: - mpeg12: move setting first_field to mpeg_field_start() (libav/999) - mpeg12: avoid signed overflow in bitrate calculation (libav/981) - mpegvideo_parser: avoid signed overflow in bitrate calculation (libav/981) - avformat/output-example: Declare link dependency on libswscale in the Makefile - build: output-example: Add avutil to ELIBS in link command ** Affects: libav (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9822 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9821 -- You received this bug notification because you are a member of Ubuntu Studio Bugs, which is subscribed to libav in Ubuntu. Matching subscriptions: Ubuntu Studio Bugs https://bugs.launchpad.net/bugs/1662513 Title: Update to 9.21 in Trusty Status in libav package in Ubuntu: New Bug description: version 9.21: - mpeg12: move setting first_field to mpeg_field_start() (libav/999) - mpeg12: avoid signed overflow in bitrate calculation (libav/981) - mpegvideo_parser: avoid signed overflow in bitrate calculation (libav/981) - avformat/output-example: Declare link dependency on libswscale in the Makefile - build: output-example: Add avutil to ELIBS in link command To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1662513/+subscriptions -- Mailing list: https://launchpad.net/~ubuntustudio-bugs Post to : ubuntustudio-bugs@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntustudio-bugs More help : https://help.launchpad.net/ListHelp
