Public bug reported:
This is a bug to track the July 2013 libav security updates:
- kmvc: Clip pixel position to valid range
- kmvc: use fixed sized arrays in the context
- indeo: use a typedef for the mc function pointer
- lavc: check for overflow in init_get_bits
- mjpegdec: properly report unsupported disabled features
- jpegls: return meaningful errors
- jpegls: factorize return paths
- jpegls: check the scan offset
- wavpack: validate samples size parsed in wavpack_decode_block
- ljpeg: use the correct number of components in yuv
- mjpeg: Validate sampling factors
- mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac
- wavpack: check packet size early
- wavpack: return meaningful errors
- apetag: use int64_t for filesize
- tiff: do not overread the source buffer
- Prepare for 0.8.8 Release
- smacker: fix an off by one in huff.length computation
- smacker: check the return value of smacker_decode_tree
- smacker: pad the extradata allocation
- smacker: check frame size validity
- vmdav: convert to bytestream2
- 4xm: don't rely on get_buffer() initializing the frame.
- 4xm: check the return value of read_huffman_tables().
- 4xm: use the correct logging context
- 4xm: reject frames not compatible with the declared version
- 4xm: check bitstream_size boundary before using it
- 4xm: do not overread the source buffer in decode_p_block
** Affects: libav (Ubuntu)
Importance: Medium
Status: Confirmed
** Affects: libav (Ubuntu Precise)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: libav (Ubuntu Quantal)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: libav (Ubuntu Raring)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: libav (Ubuntu Saucy)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: libav (Ubuntu Trusty)
Importance: Medium
Status: Confirmed
** Also affects: libav (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: libav (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: libav (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: libav (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: libav (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: libav (Ubuntu Precise)
Status: New => Confirmed
** Changed in: libav (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: libav (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: libav (Ubuntu Quantal)
Status: New => Confirmed
** Changed in: libav (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: libav (Ubuntu Quantal)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: libav (Ubuntu Raring)
Status: New => Confirmed
** Changed in: libav (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: libav (Ubuntu Raring)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: libav (Ubuntu Saucy)
Status: New => Confirmed
** Changed in: libav (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: libav (Ubuntu Saucy)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: libav (Ubuntu Trusty)
Status: New => Confirmed
** Changed in: libav (Ubuntu Trusty)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242802
Title:
July 2013 libav security tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1242802/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
