Public bug reported:
The package 0.8.6 from unstable fixes 4 CVEs:
h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
iff: validate CMAP palette size (CVE-2013-2495)
msrledec: convert to bytestream2 API and add proper bounds checking
(CVE-2013-2496)
vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
** Affects: libav (Ubuntu)
Importance: High
Assignee: Reinhard Tartler (siretart)
Status: In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1160734
Title:
Merge Libav 0.8.6-1 from unstable
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1160734/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
