Your message dated Tue, 05 Oct 2010 13:17:32 +0000
with message-id <e1p37oe-0002pt...@franck.debian.org>
and subject line Bug#598590: fixed in ffmpeg 4:0.5.2-6
has caused the Debian Bug report #598590,
regarding CVE-2010-3249: FLIC vulnerabiliry
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
598590: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598590
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libavcodec0d
Severity: grave
Tags: security
Justification: user security hole
FYI: http://www.ocert.org/advisories/ocert-2010-004.html
Cheers,
Moritz
-- System Information:
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
--- End Message ---
--- Begin Message ---
Source: ffmpeg
Source-Version: 4:0.5.2-6
We believe that the bug you reported is fixed in the latest version of
ffmpeg, which is due to be installed in the Debian FTP archive:
ffmpeg-dbg_0.5.2-6_i386.deb
to main/f/ffmpeg/ffmpeg-dbg_0.5.2-6_i386.deb
ffmpeg-doc_0.5.2-6_all.deb
to main/f/ffmpeg/ffmpeg-doc_0.5.2-6_all.deb
ffmpeg_0.5.2-6.diff.gz
to main/f/ffmpeg/ffmpeg_0.5.2-6.diff.gz
ffmpeg_0.5.2-6.dsc
to main/f/ffmpeg/ffmpeg_0.5.2-6.dsc
ffmpeg_0.5.2-6_i386.deb
to main/f/ffmpeg/ffmpeg_0.5.2-6_i386.deb
libavcodec-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libavcodec-dev_0.5.2-6_i386.deb
libavcodec52_0.5.2-6_i386.deb
to main/f/ffmpeg/libavcodec52_0.5.2-6_i386.deb
libavdevice-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libavdevice-dev_0.5.2-6_i386.deb
libavdevice52_0.5.2-6_i386.deb
to main/f/ffmpeg/libavdevice52_0.5.2-6_i386.deb
libavfilter-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libavfilter-dev_0.5.2-6_i386.deb
libavfilter0_0.5.2-6_i386.deb
to main/f/ffmpeg/libavfilter0_0.5.2-6_i386.deb
libavformat-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libavformat-dev_0.5.2-6_i386.deb
libavformat52_0.5.2-6_i386.deb
to main/f/ffmpeg/libavformat52_0.5.2-6_i386.deb
libavutil-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libavutil-dev_0.5.2-6_i386.deb
libavutil49_0.5.2-6_i386.deb
to main/f/ffmpeg/libavutil49_0.5.2-6_i386.deb
libpostproc-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libpostproc-dev_0.5.2-6_i386.deb
libpostproc51_0.5.2-6_i386.deb
to main/f/ffmpeg/libpostproc51_0.5.2-6_i386.deb
libswscale-dev_0.5.2-6_i386.deb
to main/f/ffmpeg/libswscale-dev_0.5.2-6_i386.deb
libswscale0_0.5.2-6_i386.deb
to main/f/ffmpeg/libswscale0_0.5.2-6_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 598...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Reinhard Tartler <siret...@tauware.de> (supplier of updated ffmpeg package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 03 Oct 2010 16:59:39 +0200
Source: ffmpeg
Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil49 libavcodec52 libavdevice52
libavformat52 libavfilter0 libpostproc51 libswscale0 libavutil-dev
libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev
libswscale-dev
Architecture: source i386 all
Version: 4:0.5.2-6
Distribution: unstable
Urgency: high
Maintainer: Debian multimedia packages maintainers
<pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Reinhard Tartler <siret...@tauware.de>
Description:
ffmpeg - multimedia player, server and encoder
ffmpeg-dbg - Debug symbols for ffmpeg related packages
ffmpeg-doc - documentation of the ffmpeg API
libavcodec-dev - development files for libavcodec
libavcodec52 - ffmpeg codec library
libavdevice-dev - development files for libavdevice
libavdevice52 - ffmpeg device handling library
libavfilter-dev - development files for libavfilter
libavfilter0 - ffmpeg video filtering library
libavformat-dev - development files for libavformat
libavformat52 - ffmpeg file format library
libavutil-dev - development files for libavutil
libavutil49 - ffmpeg utility library
libpostproc-dev - development files for libpostproc
libpostproc51 - ffmpeg video postprocessing library
libswscale-dev - development files for libswscale
libswscale0 - ffmpeg video scaling library
Closes: 598590
Changes:
ffmpeg (4:0.5.2-6) unstable; urgency=high
.
* Fix several security issues in flicvideo.c.
Fixes: CVE-2010-3429, Closes: #598590
* Raising severity to high because of security issue.
Checksums-Sha1:
8b9d8ba7852c5e89536fedb4432ee7d3fed12a7f 2360 ffmpeg_0.5.2-6.dsc
cc1dd17d4dbabba6a2b03826babb8bdda75d0577 59297 ffmpeg_0.5.2-6.diff.gz
1545afaf580a2cf449f2f08d0896fd9fa7c8677e 233932 ffmpeg_0.5.2-6_i386.deb
0587f93461ed3a77302426e14ffffcc228c65189 9434888 ffmpeg-dbg_0.5.2-6_i386.deb
9d99c995b161bfc3fbf210ac72dbbcb801b89a79 13958028 ffmpeg-doc_0.5.2-6_all.deb
5ba7194946abaf055faf73583bcf0b552e8175cb 90380 libavutil49_0.5.2-6_i386.deb
1af69538d0009501878a335e89d605f5cb01d8e6 4001600 libavcodec52_0.5.2-6_i386.deb
27aeb9b982f1e8ed75792d590bb516bd83e0ca96 70754 libavdevice52_0.5.2-6_i386.deb
c90b2f7c0ec7e229f2689979b1770317aa1b4e4e 708922 libavformat52_0.5.2-6_i386.deb
e670712f8dbc673d046e45bbf19194114ff7d11b 46616 libavfilter0_0.5.2-6_i386.deb
dff0f3e4b9bbd8a58ee120c637b5d18c427dc775 189522 libpostproc51_0.5.2-6_i386.deb
7ee1f8cda6908b2dca4b3ec08d9ef1e7f6d18dcf 227040 libswscale0_0.5.2-6_i386.deb
94b5aa8a9aa515a2784adacbe9d4be45589a7c09 77332 libavutil-dev_0.5.2-6_i386.deb
77c64043b1c13c4b2f511ea7212e72aefd7ee0a9 2243646
libavcodec-dev_0.5.2-6_i386.deb
147d09bcdf848d4c97abfcc42c7cce2933a197d6 55496 libavdevice-dev_0.5.2-6_i386.deb
8010b4619f942bc2eb70a4ab5961e563eed11d4c 447680
libavformat-dev_0.5.2-6_i386.deb
0f74c12450de5ccdc7424779a907a4a3e06b8118 51696 libavfilter-dev_0.5.2-6_i386.deb
f63f1b9ee73c2400717726c2a0f98cead3158c98 113924
libpostproc-dev_0.5.2-6_i386.deb
aa1e0b4c819c43f53bf647fdb41098f3c098a783 139168 libswscale-dev_0.5.2-6_i386.deb
Checksums-Sha256:
a453fa4732d189036ff8ff0acb901e1a25c2f5362b6e6e91fa2029b9c7466107 2360
ffmpeg_0.5.2-6.dsc
3883a031cd2ff2036e2e7c132a0c0671d1321a7faa006eb85f441ca910c51cf5 59297
ffmpeg_0.5.2-6.diff.gz
4ee6925af89fd41853afd29a5d1bcd6dd0b765e64fdf034d86fd2e62092938e6 233932
ffmpeg_0.5.2-6_i386.deb
1a906fe282adee95fc5b15480c63ffe68a08a9821069685212c269dec8866826 9434888
ffmpeg-dbg_0.5.2-6_i386.deb
32687bd6779f5b237f1734afe626fef4d34de53a10d1c4ea937dda46d3048697 13958028
ffmpeg-doc_0.5.2-6_all.deb
e70fb2d1612ee6e195fc9318f1bb51c9287a267af79926ba414982c47ce471a3 90380
libavutil49_0.5.2-6_i386.deb
0fc369d7d004576981cb7be1b24d96959d0dd27f1abb30a2510c520dd7d9fc7e 4001600
libavcodec52_0.5.2-6_i386.deb
c9fa5c8f63ab8a1fc975a36a4117c2c658b8f2497fe6c0f37d717077a298c682 70754
libavdevice52_0.5.2-6_i386.deb
283763313ef95c704074b4ceb973cd54b6aa3d6019b5956908f71f870f5669f6 708922
libavformat52_0.5.2-6_i386.deb
c5e14b3ecf9ee872df0e7e267e6945458f850253c1d96a0f67bfb821c54bfbb1 46616
libavfilter0_0.5.2-6_i386.deb
174f968457c3a68577558c541e3a64a7500f14b1354def6ce63a47533cd077c8 189522
libpostproc51_0.5.2-6_i386.deb
66baf4bf04e97c1c753962062953a8439c6ec9e3ea1beaf04e8161ed00af24ec 227040
libswscale0_0.5.2-6_i386.deb
c22d8084e702fdb220f174c92492bd01e29d56e93841249ce64cfe1ba45123ae 77332
libavutil-dev_0.5.2-6_i386.deb
f1a700992d7b49f9aa873cf23a5461c618aa434c67c1447b0cb4953eca682eec 2243646
libavcodec-dev_0.5.2-6_i386.deb
d8b9169a16bb6ba3fa9c8a149e2be2e641780371837bd0ba737960109e05899a 55496
libavdevice-dev_0.5.2-6_i386.deb
0d4ef901faa8d6b46f3c84235ecd4e4b5050e3223d3dd199732f459d294d6471 447680
libavformat-dev_0.5.2-6_i386.deb
bb7de0e476123c5039b8bf2e90bbade72f621959b1ea0ea878dde0b6047e3740 51696
libavfilter-dev_0.5.2-6_i386.deb
20b2f1864fd0220d88dbcd12438f2cecfa5bec03a8c12a900e44235a763794e0 113924
libpostproc-dev_0.5.2-6_i386.deb
ec4aa92d3de1c21c86ec2b4d0c53c351a8d602954599a1622c7a2fb813e82ea2 139168
libswscale-dev_0.5.2-6_i386.deb
Files:
8d918183381677b253fcb88f7c27819e 2360 libs optional ffmpeg_0.5.2-6.dsc
580f56b43cf30bf08a62e4bcfd48ac20 59297 libs optional ffmpeg_0.5.2-6.diff.gz
b95e845674cec7796b0bd3f56c2aa9e4 233932 video optional ffmpeg_0.5.2-6_i386.deb
e0db39569c6a50d418f7d4396159b73a 9434888 debug extra
ffmpeg-dbg_0.5.2-6_i386.deb
62bd78c6c6b199aab42fc646fc475f74 13958028 doc optional
ffmpeg-doc_0.5.2-6_all.deb
5882d279aaf991f20974dd62f7dd9ab6 90380 libs optional
libavutil49_0.5.2-6_i386.deb
a50aae4c8e8b9dd29612407e61bedc22 4001600 libs optional
libavcodec52_0.5.2-6_i386.deb
01d22bacd09536f4e7b133f3429fa32a 70754 libs optional
libavdevice52_0.5.2-6_i386.deb
09fd760cb50aa0686c8d5c35d069e910 708922 libs optional
libavformat52_0.5.2-6_i386.deb
d23f4e2f590dae1069d8987216fb3afa 46616 libs optional
libavfilter0_0.5.2-6_i386.deb
5f5922bb16b3cf812a6c4f2f5d13ba21 189522 libs optional
libpostproc51_0.5.2-6_i386.deb
1e442091d502de3d3fdc3b95cbf8ddcb 227040 libs optional
libswscale0_0.5.2-6_i386.deb
93ee30ba793790988710bf368e37ae25 77332 libdevel optional
libavutil-dev_0.5.2-6_i386.deb
abdaa1c3229bb3a8006ded2e7f826d94 2243646 libdevel optional
libavcodec-dev_0.5.2-6_i386.deb
f048a01ea1a27f9a2ec15b69758f9a1d 55496 libdevel optional
libavdevice-dev_0.5.2-6_i386.deb
6354784fa01296fc386c587550125581 447680 libdevel optional
libavformat-dev_0.5.2-6_i386.deb
58140bb34d23b8db5f9e65e63a917767 51696 libdevel optional
libavfilter-dev_0.5.2-6_i386.deb
c85d4cce6be90996abf07725cb5f6067 113924 libdevel optional
libpostproc-dev_0.5.2-6_i386.deb
80ee36ab33e1a8ffb980ce36bad3d1ac 139168 libdevel optional
libswscale-dev_0.5.2-6_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Debian Powered!
iJwEAQECAAYFAkyrIIwACgkQ78RAoABp8o9aagP/QWp/ESYzoAOfLzHS5XlkbT6F
hEVi1XRDHVSUmRHD81ZcMvq7KR4YwGinuCZy2mHIb1SbKovY03ydly3hB1/kuvLN
cLR9vxTMv8mNMz4AkVP0RwK2IuBF0tGCxILgaLfCA+ENU7VmLWeQHoY97GlkzBCR
wcDSvRXvDtZfKG/mc1I=
=my+w
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
