[Desktop-packages] [Bug 1163354] Re: March 2013 libav security tracking bug

Marc Deslauriers Fri, 25 Oct 2013 08:21:32 -0700

** Changed in: libav (Ubuntu Oneiric)
       Status: Confirmed => Invalid


** Changed in: libav (Ubuntu Lucid)
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1163354

Title:
  March 2013 libav security tracking bug

Status in “libav” package in Ubuntu:
  Fix Released
Status in “libav” source package in Lucid:
  Invalid
Status in “libav” source package in Oneiric:
  Invalid
Status in “libav” source package in Precise:
  Fix Released
Status in “libav” source package in Quantal:
  Fix Released
Status in “libav” source package in Raring:
  Fix Released

Bug description:
  This is a bug to track the March 2013 libav security updates:

  
  0.8.6:
      h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
      iff: validate CMAP palette size (CVE-2013-2495)
      msrledec: convert to bytestream2 API and add proper bounds checking 
(CVE-2013-2496)
      vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1163354/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1163354] Re: March 2013 libav security tracking bug

Reply via email to