Univention Bugzilla – Full Text Bug Listing |
Summary: | ffmpeg: Multiple issues (4.3) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P5 | ||
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-1-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 0.0 () | ||
Bug Depends on: | |||
Bug Blocks: | 47479 |
Description
Quality Assurance
2018-08-08 12:52:20 CEST
--- mirror/ftp/4.3/unmaintained/4.3-0/source/ffmpeg_3.2.10-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-1/source/ffmpeg_3.2.12-1~deb9u1.dsc @@ -1,3 +1,29 @@ +7:3.2.12-1~deb9u1 [Sat, 28 Jul 2018 16:27:42 +0800] James Cowgill <jcowgill@debian.org>: + + * New upstream release. + - avformat/movenc: Write version 2 of audio atom if channels is not known. + (CVE-2018-14395) + - avcodec/imgconvert: fix possible null pointer dereference. + (Closes: #904123) + +7:3.2.11-1~deb9u1 [Fri, 13 Jul 2018 23:29:52 +0100] James Cowgill <jcowgill@debian.org>: + + * New upstream release. + - avfilter/vf_transpose: Fix used plane count. (CVE-2018-6392) + - avcodec/utvideodec: Fix bytes left check in decode_frame(). + (CVE-2018-6621) + - avcodec/utvideodec: Check subsample factors. (CVE-2018-7557) + - avcodec/utvideodec: Set pro flag based on fourcc. (CVE-2018-10001) + - avcodec/mpeg4videoenc: Use 64 bit for times in + mpeg4_encode_gop_header(). (CVE-2018-12458) + - avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample. + (CVE-2018-13300) + - avformat/movenc: Check that frame_types other than + EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id. + (CVE-2018-13302) + * debian/control: + - Add Breaks on vokoscreen << 2.2.0 to libav-tools. (Closes: #864917) + 7:3.2.10-1~deb9u1 [Fri, 26 Jan 2018 09:45:14 +0000] James Cowgill <jcowgill@debian.org>: * New upstream release. <http://10.200.17.11/4.3-1/#3701014347878508005> OK: patches OK: piuparts OK: yaml OK: errata-announce ffmpeg.yaml [4.3-1] c9efd3e06b Bug #47504: ffmpeg 7:3.2.12-1~deb9u1 doc/errata/staging/ffmpeg.yaml | 50 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) |