Summary: | <media-video/libav-0.8.4: multiple vulnerabilities (CVE-2012-{2772,2775,2776,2777,2779,2784,2786,2787,2788,2789,2790,2793,2794,2796,2798,2800,2801,2802}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/50963/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2012-10-20 10:24:42 UTC
From the upstream website: October 22 2012 Today, we update our latest release series 0.8 with the release of Libav 0.8.4. This release contains several security and bug fixes. The following bugs in our Bugzilla have been fixed: #118: zzufed H.261 file crashes avconv signal 11 (SIGSEGV) #203: scale filter has a rounding error #245: Reading already freed mem when using vfilters pad and settb #265: smacker audio decode regression #277: avconv ignores audio bitrate -ab parameter #310: avconv hangs when transcoding .flac files #327: wmaprodec: Arithmetic exception #352: Pad filter pass-through problem #367: Crash in bmp_decode_frame() when decoding unusual bmp file #373: y4m as input results in "filename.y4m: Operation not permitted" #379: Regression in WAV files between 52.72. 2 and 53. 35. 0 #380: double free in option handling This release contains security fixes for the following CVEs: CVE-2012-2772 CVE-2012-2775 CVE-2012-2776 CVE-2012-2777 CVE-2012-2779 CVE-2012-2784 CVE-2012-2786 CVE-2012-2787 CVE-2012-2788 CVE-2012-2789 CVE-2012-2790 CVE-2012-2793 CVE-2012-2794 CVE-2012-2796 CVE-2012-2798 CVE-2012-2800 CVE-2012-2801 CVE-2012-2802 Arches, please test and mark stable: =media-video/libav-0.8.4 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" amd64 stable Stable for HPPA. Stable on alpha. stable ppc64 stable ppc x86 stable arm stable ia64/sparc stable Thanks, everyone. New GLSA request filed. oldest in tree libav-0.8.7, PLEASE CLOSE. thx This issue was resolved and addressed in GLSA 201406-28 at http://security.gentoo.org/glsa/glsa-201406-28.xml by GLSA coordinator Chris Reffett (creffett). |