This bug was fixed in the package libav - 4:0.7.3-0ubuntu0.11.10.1
---------------
libav (4:0.7.3-0ubuntu0.11.10.1) oneiric-security; urgency=low
* Update to 0.7.3 to fix multiple security issues (LP: #911811):
- SECURITY UPDATE: denial of service and possible code execution via
malformed file containing QDM2 stream
- CVE-2011-4351
- SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP3 stream
- CVE-2011-4352
- SECURITY UPDATE: denial of service and possible code execution via
malformed file containing VP5 or VP6 streams
- CVE-2011-4353
- SECURITY UPDATE: denial of service and possible code execution via
malformed VMD file
- CVE-2011-4364
- SECURITY UPDATE: denial of service and possible code execution via
malformed file containing svq1 stream
- CVE-2011-4579
-- Marc Deslauriers <[email protected]> Tue, 03 Jan 2012 15:31:49
-0500
** Changed in: libav (Ubuntu Oneiric)
Status: In Progress => Fix Released
** Changed in: libav (Ubuntu Natty)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1196
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1931
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3362
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/911811
Title:
libav security update tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/911811/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
