Comment 0 for bug 537297

Binary package hint: ffmpeg

various versions of the ffmepg package contain security issues that have fixes in the upstream 0.5 release branch

lucid ships 0.5.1 which has known patches included.

karmic and jaunty ship the 0.5 release. For these packages, this can be solved either by updating to 0.5.1 by or applying the patches from svn://ffmpeg.org/ffmpeg/branches/0.5

intrepid ships an pre 0.5 version of ffmpeg. For this, I've backported some of those patches, which eventually ended up as DSA-2000: http://www.debian.org/security/2010/dsa-2000