Comment 20 for bug 690169

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ffmpeg - 4:0.6-2ubuntu6.1

---------------
ffmpeg (4:0.6-2ubuntu6.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted .ogg file
    - debian/patches/fix-CVE-2010-4704.patch: validate codebook in
      libavcodec/vorbis_dec.c.
    - CVE-2010-4704
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted WebM file
    - debian/patches/fix-CVE-2011-0480.patch: check rangebits in
      libavcodec/vorbis_dec.c.
    - CVE-2011-0480
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted VC1 file (LP: #690169)
    - debian/patches/fix-CVE-2011-0723.patch: fix invalid reads in
      libavcodec/vc1dec.c.
    - CVE-2011-0723
 -- Marc Deslauriers <email address hidden> Thu, 31 Mar 2011 10:38:02 -0400