Package "libavresample-dev"
Name: |
libavresample-dev
|
Description: |
Development files for libavresample
|
Latest version: |
6:9.20-0ubuntu0.14.04.1 |
Release: |
trusty (14.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
libav |
Homepage: |
http://libav.org/ |
Links
Download "libavresample-dev"
Other versions of "libavresample-dev" in Trusty
Changelog
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: Updated to 9.20 to fix various crashes with
invalid-free, corrupted double-linked list or out-of-bounds read
(LP: #1643467)
- No CVE number
-- Marc Deslauriers <email address hidden> Wed, 07 Dec 2016 15:36:50 -0500
|
Source diff to previous version |
1643467 |
Firefox 50 blocks Ubuntu 12.04 and 14.04 LTS's version of libavcodec |
|
libav (6:9.18-0ubuntu0.14.04.1) trusty-security; urgency=medium
* Update to 9.18 to fix multiple security issues (LP: #1432610,
LP: #1370175)
- CVE-2013-7020
- CVE-2014-8542
- CVE-2014-8543
- CVE-2014-8544
- CVE-2014-8547
- CVE-2014-8548
- CVE-2014-9604
-- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 08:16:54 -0400
|
Source diff to previous version |
1432610 |
Libav security fixes March 2015 |
1370175 |
Libav security fixes Sept 2014 |
CVE-2013-7020 |
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which a |
CVE-2014-8542 |
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial o |
CVE-2014-8543 |
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote at |
CVE-2014-8544 |
libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service |
CVE-2014-8547 |
libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-o |
CVE-2014-8548 |
Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly h |
CVE-2014-9604 |
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of |
|
libav (6:9.16-0ubuntu0.14.04.1) trusty-security; urgency=medium
* New upstream release 9.14:
- vp3: Copy all 3 frames for thread updates (CVE-2011-3934)
- mpegts: Do not try to write a PMT larger than SECTION_SIZE (CVE-2014-2263)
- mpegts: Define the section length with a constant
- error_concealment: avoid using the picture if not fully setup (CVE-2013-0860)
- svq1: do not modify the input packet
- cdgraphics: do not return 0 from the decode function
- cdgraphics: switch to bytestream2 (CVE-2013-3674)
- huffyuvdec: check width size for yuv422p (CVE-2013-0848)
- mmvideo: check horizontal coordinate too (CVE-2013-3672)
- wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
- lavc: Check the image size before calling get_buffer (CVE-2011-3935)
- huffyuv: Check and propagate function return values (CVE-2013-0868)
- h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
- h264_sei: check SEI size
- pgssubdec: Check RLE size before copying (CVE-2013-0852)
- fate: Add dependencies for dct/fft/mdct/rdft tests
- video4linux2: Avoid a floating point exception
- vf_select: Drop a debug av_log with an unchecked double to enum conversion
- eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
-- Reinhard Tartler <email address hidden> Sat, 09 Aug 2014 19:50:43 -0400
|
Source diff to previous version |
CVE-2011-3934 |
Double free vulnerability in the vp3_update_thread_context function in ... |
CVE-2014-2263 |
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) ... |
CVE-2013-0860 |
The ff_er_frame_end function in libavcodec/error_resilience.c in ... |
CVE-2013-3674 |
The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg ... |
CVE-2013-0848 |
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ... |
CVE-2013-3672 |
The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg ... |
CVE-2014-2098 |
libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect ... |
CVE-2011-3935 |
The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ... |
CVE-2013-0868 |
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers ... |
CVE-2011-3946 |
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg ... |
CVE-2013-0852 |
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg ... |
CVE-2013-0851 |
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 ... |
|
libav (6:9.14-0ubuntu0.14.04.1) trusty-security; urgency=medium
* New upstream release 9.14:
- Many security fixes issues LP: #1341216
- adpcm: Write the proper predictor in trellis mode in IMA QT
- adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
- Check mp3 header before calling avpriv_mpegaudio_decode_header() (bug/705)
- Check if an mp3 header is using a reserved sample rate
- lzo: Handle integer overflow (bug/704)
- avconv: make -shortest work with streamcopy
* Drop broken dpkg-maintscript, LP: #1315672
-- Reinhard Tartler <email address hidden> Sat, 12 Jul 2014 18:33:45 -0400
|
Source diff to previous version |
1341216 |
Libav security fixes Jul 2014 |
1315672 |
Installation of libav-tools produces dpkg error |
|
libav (6:9.13-0ubuntu0.14.04.1) trusty-security; urgency=medium
* Merge from unstable, remaining changes:
- build-depend on libtiff5-dev rather than libtiff4-dev,
avoids FTBFS caused by imlib
* New upstream release 9.13:
- Many security fixes issues LP: #1277173
- swscale: Fix an undefined behaviour
- matroska: add the Opus mapping
- mp3enc: Properly write bitrate value in XING header (Closes: #736088)
- origin/pu/9 oggdec: add support for Opus in Ogg demuxing
(Fixes: libav/603, Closes: #720563)
- apedec: do not buffer decoded samples over AVPackets (Closes: #744901)
- isom: lpcm in mov default to big endian
- movdec: handle 0x7fff langcode as macintosh per the specs
- h264: reset next_output_pic earlier in start_frame()
(Fixes: libav/672, Closes: #741240, LP: #1288206)
- rtmpproto: Make sure to pass on the error code if read_connect failed
- lavr: allocate the resampling buffer with a positive size
- tiffdec: use bytestream2 to simplify overread/overwrite protection
- resample: fix avresample_get_delay() return value
- avi: Improve non-interleaved detection (Fixes: libav/666)
- af_channelmap: fix ONE_STR mapping mode
- movenc: allow override of "writing application" tag
- matroskaenc: allow override of "writing application" tag
- avfilter: Add missing emms_c when needed
- build: Use pkg-config for openjpeg (Fixes: libav/387)
- mpeg12: check scantable indices in all decode_block functions
- sgidec: fix buffer size check in expand_rle_row()
- adx: check that the offset is not negative
- mpegvideo: set reference/pict_type on generated reference frames
- h264: Fix various crashes found in samples pointed by Mateusz
"j00ru" Jurczyk and Gynvael Coldwind - Thanks!
* Rebuild is reported to fix vaapi, Closes: #745655
* Fix invocation of dpkg-maintscript helper, LP: #1315672
* cleanup leftovers of the former libav-source package
* Simplify listing packages with dh_listpackage
* Drop transitional arch:all -extra- packages
* Bump standards version to 3.9.5, no changes needed
|
1277173 |
February 2014 libav security tracking bug |
1288206 |
vlc crashed with SIGSEGV in memcpy() |
1315672 |
Installation of libav-tools produces dpkg error |
736088 |
libavcodec54: wrongly set bitrate in XING header (mp3enc) - Debian Bug report logs |
720563 |
libav: Doesn't decode opus while opus support is compiled in? - Debian Bug report logs |
744901 |
libav: APE audio decoding is broken (apedec: do not buffer decoded samples over AVPackets) - Debian Bug report logs |
741240 |
vlc segfaults while playing MKV files - Debian Bug report logs |
745655 |
libav: latest patch enabling PIC on s390 breaks video playback using vaapi - Debian Bug report logs |
|
About
-
Send Feedback to @ubuntu_updates