[SCM] libav/wheezy-security: update debian/changelog

siretart at users.alioth.debian.org siretart at users.alioth.debian.org
Sat Aug 9 22:59:01 UTC 2014 

The following commit has been merged in the wheezy-security branch:
commit 6ad2b128af13c3b3fc51d89ba1b2df6272a0943f
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Sat Aug 9 09:31:56 2014 -0400

    update debian/changelog

diff --git a/debian/changelog b/debian/changelog
index 4456a36..b346e31 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,30 @@
+libav (6:0.8.15-1) stable-security; urgency=low
+
+  * Imported Upstream version 0.8.15, new releases fixes:
+    - vp3: Copy all 3 frames for thread updates (CVE-2011-3934)
+    - mpegts: Do not try to write a PMT larger than SECTION_SIZE (CVE-2014-2263)
+    - mpegts: Define the section length with a constant
+    - error_concealment: avoid using the picture if not fully setup (CVE-2013-0860)
+    - svq1: do not modify the input packet
+    - cdgraphics: do not return 0 from the decode function
+    - cdgraphics: switch to bytestream2 (CVE-2013-3674)
+    - huffyuvdec: check width size for yuv422p (CVE-2013-0848)
+    - mmvideo: check horizontal coordinate too (CVE-2013-3672)
+    - huffyuv: Check and propagate function return values (CVE-2013-0868)
+    - twinvq: fix out of bounds array access
+    - h264: slice-mt: check master context for valid current_picture_ptr
+    - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
+    - h264_sei: check SEI size
+    - pgssubdec: Check RLE size before copying (CVE-2013-0852)
+    - x86: Fix linking with some or all of yasm, mmx, optimizations disabled
+    - cmdutils: Conditionally compile libswscale-related bits
+    - video4linux2: Avoid a floating point exception
+    - vf_select: Drop a debug av_log with an unchecked double to enum conversion
+    - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
+    - avcodec: Introduce ff_get_buffer to validate the image size (CVE-2011-3935)
+
+ -- Reinhard Tartler <siretart at tauware.de>  Sat, 09 Aug 2014 09:31:46 -0400
+
 libav (6:0.8.13-1) stable-security; urgency=medium
 
   * Imported Upstream version 0.8.12, new releases fixes:

-- 
Libav/FFmpeg packaging

More information about the pkg-multimedia-commits mailing list