Package: libavformat52 Version: 0.svn20080206-11 Severity: grave Tags: security Justification: user security hole
ubuntu just updated their libavformat packages to patch a problem with STR file demuxing [1]. does this problem apply to debian as well? the CVE number is CVE-2008-3162 [2]. [1] http://www.ubuntu.com/usn/usn-630-1 [2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162 -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-etchnhalf.1-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libavformat52 depends on: ii libavcodec51 0.svn20080206-11 ffmpeg codec library ii libavutil49 0.svn20080206-11 ffmpeg utility library ii libc6 2.7-12 GNU C Library: Shared libraries ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime libavformat52 recommends no packages. libavformat52 suggests no packages. -- no debconf information _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
