Ubuntu
libav-extra package

  1. Bug #911811
  2. Comment #2

Comment 2 for bug 911811

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libav - 4:0.6.4-0ubuntu0.11.04.1

---------------
libav (4:0.6.4-0ubuntu0.11.04.1) natty-security; urgency=low

  * Update to 0.6.4 to fix multiple security issues (LP: #911811):
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed Matroska file
      - CVE-2011-3504
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed file containing QDM2 stream
      - CVE-2011-4351
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed file containing VP3 stream
      - CVE-2011-4352
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed file containing VP5 or VP6 streams
      - CVE-2011-4353
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed VMD file
      - CVE-2011-4364
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed file containing svq1 stream
      - CVE-2011-4579
  * Removed upstreamed patches:
    - CVE-2011-1196.patch
    - CVE-2011-1931.patch
    - CVE-2011-3362.patch
 -- Marc Deslauriers <email address hidden> Tue, 03 Jan 2012 15:49:39 -0500