Package: mplayer Version: 2:1.0~rc4.dfsg1+svn34540-1+b2 Severity: grave Tags: security
mplayer depends on obsolete packages libavcodec53, libavutil51 and libavformat53, which have known security bugs that will never be fixed (since the packages are no longer in unstable). According to debsecan: CVE-2012-6618 The av_probe_input_buffer function in... <http://security-tracker.debian.org/tracker/CVE-2012-6618> - libavcodec53, ffmpeg, libavfilter2, libavutil51, libavformat53 (obsolete) CVE-2013-0856 The lpc_prediction function in libavcodec/alac.c in... <http://security-tracker.debian.org/tracker/CVE-2013-0856> - libavcodec53, ffmpeg, libavfilter2, libavutil51, libavformat53 (obsolete) -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mplayer depends on: ii libaa1 1.4p5-41 ii libasound2 1.0.27.2-3 ii libavcodec53 6:0.8.10-1 ii libavformat53 6:0.8.10-1 ii libavutil51 6:0.8.10-1 ii libbluray1 1:0.5.0-2 ii libc6 2.18-4 ii libcaca0 0.99.beta18-1.1 ii libcdparanoia0 3.10.2+debian-11 ii libdca0 0.0.5-6 ii libdirectfb-1.2-9 1.2.10.0-5 ii libdvdnav4 4.2.1-3 ii libdvdread4 4.2.1-2 ii libenca0 1.15-2 ii libesd0 0.2.41-11 ii libfaad2 2.7-8 ii libfontconfig1 2.11.0-5 ii libfreetype6 2.5.2-1 ii libfribidi0 0.19.6-1 ii libgcc1 1:4.8.2-16 ii libgif4 4.1.6-11 ii libgl1-mesa-glx [libgl1] 9.2.2-1 ii libjack0 [libjack-0.116] 1:0.124.1+20140122git5013bed0-2+b1 ii libjpeg8 8d-2 ii liblircclient0 0.9.0~pre1-1 ii liblzo2-2 2.06-1.2 ii libmp3lame0 3.99.5+repack1-3 ii libmpeg2-4 0.5.1-5 ii libncurses5 5.9+20140118-1 ii libogg0 1.3.1-1 ii libopenal1 1:1.14-4 ii libpng12-0 1.2.50-1 ii libpostproc52 6:0.git20120821-4 ii libpulse0 4.0-6+b1 ii libsdl1.2debian 1.2.15-8 ii libsmbclient 2:4.1.5+dfsg-1 ii libspeex1 1.2~rc1.1-1 ii libstdc++6 4.8.2-16 ii libsvga1 1:1.4.3-33 ii libswscale2 6:9.11-3 ii libtheora0 1.1.1+dfsg.1-3.1 ii libtinfo5 5.9+20140118-1 ii libvdpau1 0.7-1 ii libx11-6 2:1.6.2-1 ii libx264-123 2:0.123.2189+git35cf912-1 ii libxext6 2:1.3.2-1 ii libxinerama1 2:1.1.3-1 ii libxv1 2:1.0.10-1 ii libxvidcore4 2:1.3.2-9 ii libxvmc1 2:1.0.8-1 ii libxxf86dga1 2:1.1.4-1 ii libxxf86vm1 1:1.1.3-1 ii zlib1g 1:1.2.8.dfsg-1 mplayer recommends no packages. Versions of packages mplayer suggests: ii bzip2 1.0.6-5 ii fontconfig 2.11.0-5 ii fonts-freefont-ttf [ttf-freefont] 20120503-4 ii mplayer-doc 2:1.0~rc4.dfsg1+svn34540-1 pn netselect | fping <none> -- no debconf information _______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
