integer overflow in libtheora before 1.1. This also affects mozilla-firefox (already handled in #297532) and seamonkey 2.0 (not in portage).
So probably left to do is stabilizing libtheora 1.1.1.
(In reply to comment #0)
> So probably left to do is stabilizing libtheora 1.1.1.
This is quite old now, is there any reason it hasn't been done yet?
FWIW, I've been using libtheora 1.1.1 for a couple of months now with no problems at all.
Sorry about the delay.
media-video, can you please ACK this request?
(In reply to comment #2)
> Sorry about the delay.
> media-video, can you please ACK this request?
There *were* once upon a time some dep issues with ffmpeg/libavcodec, but those have since been resolved. I believe everything else should be okay now.
Good, thanks for the fast response. If there are still any issues, I hope the arch teams will find them:
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86"
Stable for HPPA.
Stable for PPC.
x86 stable, no issues found
Stable on amd64
GLSA request filed.
This issue was resolved and addressed in
GLSA 201312-04 at http://security.gentoo.org/glsa/glsa-201312-04.xml
by GLSA coordinator Chris Reffett (creffett).