March 2013 libav security tracking bug
Bug #1163354 reported by
Marc Deslauriers
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libav (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Medium
|
Marc Deslauriers | ||
Oneiric |
Invalid
|
Medium
|
Marc Deslauriers | ||
Precise |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Quantal |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Raring |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
This is a bug to track the March 2013 libav security updates:
0.8.6:
h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
iff: validate CMAP palette size (CVE-2013-2495)
msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496)
vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
Changed in libav (Ubuntu Raring): | |
status: | New → Fix Released |
Changed in libav (Ubuntu Lucid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libav (Ubuntu Oneiric): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libav (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libav (Ubuntu Quantal): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libav (Ubuntu Lucid): | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in libav (Ubuntu Oneiric): | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in libav (Ubuntu Precise): | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in libav (Ubuntu Quantal): | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in libav (Ubuntu Oneiric): | |
status: | Confirmed → Incomplete |
status: | Incomplete → Confirmed |
Changed in libav (Ubuntu Oneiric): | |
status: | Confirmed → Invalid |
Changed in libav (Ubuntu Lucid): | |
status: | Confirmed → Invalid |
To post a comment you must log in.
This bug was fixed in the package libav - 4:0.8.6- 0ubuntu0. 12.04.1
--------------- 6-0ubuntu0. 12.04.1) precise-security; urgency=low
libav (4:0.8.
* Update to 0.8.6 to fix multiple security issues. (LP: #1163354)
- CVE-2013-0894
- CVE-2013-2277
- CVE-2013-2495
- CVE-2013-2496
-- Marc Deslauriers <email address hidden> Tue, 02 Apr 2013 10:48:44 -0400