-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 02 Mar 2016 23:13:43 +0100
Source: libav
Binary: libav-tools libav-dbg libav-doc libavutil54 libavcodec56 libavdevice55 libavformat56 libavfilter5 libswscale3 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libswscale-dev libavresample-dev libavresample2 libavcodec-extra-56 libavcodec-extra
Architecture: source all amd64
Version: 6:11.6-1~deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Sebastian Ramacher <sramacher@debian.org>
Description:
libav-dbg - Debug symbols for Libav related packages
libav-doc - Documentation of the Libav API
libav-tools - Multimedia player, encoder and transcoder
libavcodec-dev - Development files for libavcodec
libavcodec-extra - Libav codec library (additional codecs meta-package)
libavcodec-extra-56 - Libav codec library (additional codecs)
libavcodec56 - Libav codec library
libavdevice-dev - Development files for libavdevice
libavdevice55 - Libav device handling library
libavfilter-dev - Development files for libavfilter
libavfilter5 - Libav video filtering library
libavformat-dev - Development files for libavformat
libavformat56 - Libav file format library
libavresample-dev - Development files for libavresample
libavresample2 - Libav audio resampling library
libavutil-dev - Development files for libavutil
libavutil54 - Libav utility library
libswscale-dev - Development files for libswscale
libswscale3 - Libav video scaling library
Changes:
libav (6:11.6-1~deb8u1) jessie-security; urgency=medium
.
* New upstream release fixing multiple security issues.
- concat: disable by default (CVE-2016-1897, CVE-2016-1898)
- aac_parser: add required padding for GetBitContext buffer
- ac3_parser: add required padding for GetBitContext buffer
- imc: add required padding for GetBitContext buffer
- h263: Always check both dimensions
- opusdec: properly handle mismatching configurations in multichannel
streams
- mov: Correctly allocate ctts_data
- aac: Wait to know the channels before allocating frame
- rtpdec_asf: Check memory allocation and free memory on error
- jack: Check memory allocation
- mov: Check memory allocation
- mkv: Correctly report the latest packet had been flushed
- aic: Fix slice size computation for widths multiples of 32 macroblocks
- webp: Make sure enough bytes are available
- g726: Do not crash on user mistake
- bytestream2: set the reader to the end when reading more than available
- vp7: bound checking in vp7_decode_frame_header
- mux: Make sure that the data is actually written
- file: properly forward errors from file_read() and file_write()
- mmvideo: Make sure the rle does not write over the frame boundaries
- opus: Buffer the samples from the correct offset
- nut: Use the correct codec_tag when multiple are available
- truemotion2: Fix the buffer check
- mimic: Always return on failure
- msnwc_tcp: Correctly report failure
- rpza: Check the blocks left before processing one
- dvdsubdec: Validate the RLE offsets
- avi: Validate the stream-id for DV as well
- mov: Use the correct type for size
* debian/confflags: Force --disable-protocol=concat.
* debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts.
(CVE-2016-2326)
Checksums-Sha1:
d6436d0c60647061edbd49faa7af251d9c8ca8ef 3973 libav_11.6-1~deb8u1.dsc
2296cbd7afe98591eb164cebe436dcb5582efc9d 4860268 libav_11.6.orig.tar.xz
f69a4a879a6884290eca4789836129a69c6b00b9 70228 libav_11.6-1~deb8u1.debian.tar.xz
6e38559a885c1b9350ec595af96fd6ab77bc9d62 18703568 libav-doc_11.6-1~deb8u1_all.deb
bef847000f12f44428c6f4b1674f6be2f081bc91 61902 libavcodec-extra_11.6-1~deb8u1_all.deb
31ca05f41d087ede4eb106f6363cba02784954be 469854 libav-tools_11.6-1~deb8u1_amd64.deb
0adc5301a0085059c2320b9ed7c85a1fbfd39521 21588094 libav-dbg_11.6-1~deb8u1_amd64.deb
dca59835e8fa5b65bc200c50bca897c40668b8b0 126770 libavutil54_11.6-1~deb8u1_amd64.deb
7fbc4b2e9c0b9e237a27cf385c935467ebdd9160 3103398 libavcodec56_11.6-1~deb8u1_amd64.deb
c2f45667f845234b3a818dc3fbdeebe6b084f0a5 86774 libavdevice55_11.6-1~deb8u1_amd64.deb
43669fcf119195166358e4856220bb10e7bbbe5f 581622 libavformat56_11.6-1~deb8u1_amd64.deb
79f932e1ff11166c52d3e1c95b935d6b156c6941 167182 libavfilter5_11.6-1~deb8u1_amd64.deb
ccfb55929cdeba5a3f833fae17de0f4c7c8bcaa0 140128 libswscale3_11.6-1~deb8u1_amd64.deb
43867441bd7ba0c305defc4e3f7d74a8d8a040e1 189038 libavutil-dev_11.6-1~deb8u1_amd64.deb
b5f6c736e82f9f6d4c95a64fab5dff738164028b 3426848 libavcodec-dev_11.6-1~deb8u1_amd64.deb
dec3ca2823620f16453a52f09ed0cb34e560dc38 89866 libavdevice-dev_11.6-1~deb8u1_amd64.deb
ed087755a6a0212265776beb9c31258284803089 686234 libavformat-dev_11.6-1~deb8u1_amd64.deb
1004a715c48efad911ee77f4f73d3382eaf296a9 198300 libavfilter-dev_11.6-1~deb8u1_amd64.deb
7219b9d870df29889ea340e13432a6db32090218 152920 libswscale-dev_11.6-1~deb8u1_amd64.deb
ca2c2c76361a3f205ab4362b342b911d13e4f364 108096 libavresample-dev_11.6-1~deb8u1_amd64.deb
41ed9faa6452a1358fa9567db15beeae143c7cb3 99224 libavresample2_11.6-1~deb8u1_amd64.deb
08a54ea6ee67812c2f992e2c309cbf9c4ab784cf 3107144 libavcodec-extra-56_11.6-1~deb8u1_amd64.deb
Checksums-Sha256:
2a4d4afc2decf8b5e18d649d5be55cac58912f860e16b0b38fafa47811b50753 3973 libav_11.6-1~deb8u1.dsc
542f30e4266d2d2226e681b888bc718c995f5438f2db66a9a27d581243d27aed 4860268 libav_11.6.orig.tar.xz
85d432d69d3706c994b8d7e2ca5c347874f0aa7f70203df3d5ff3569f5347926 70228 libav_11.6-1~deb8u1.debian.tar.xz
a308c89fe20c293f72a657e6ba18d904e24eded3619872cfbd627e409d9e9d2c 18703568 libav-doc_11.6-1~deb8u1_all.deb
e855e17554ccdbd9e3218007389802daf3cd5463681e5a078ac918a6a5c631ee 61902 libavcodec-extra_11.6-1~deb8u1_all.deb
1b833e01700184fc69d96139519b7b33d1c7e3d89ce67761dd9286e556b0461e 469854 libav-tools_11.6-1~deb8u1_amd64.deb
0e22b8fcde5e4f259586bdb9a30d2d5401efe84fab04e54ce93743381daa00ad 21588094 libav-dbg_11.6-1~deb8u1_amd64.deb
ee12192bcc578ea301a7c3ccef2fa8d0749308305108a0a75df41bce7ffc3482 126770 libavutil54_11.6-1~deb8u1_amd64.deb
f5c608ca421b374f43fd16abda8fa252cf202e847e9cf8259ae0acdd41727517 3103398 libavcodec56_11.6-1~deb8u1_amd64.deb
f92658de36efa619ce969c5c803b5d36473bf8dbbef7d823dc9f63d2aa52dcfd 86774 libavdevice55_11.6-1~deb8u1_amd64.deb
3ea4d3c5eba05bba60a56acf8604ca79f0dc437ff7c4674af990cca4c06f0305 581622 libavformat56_11.6-1~deb8u1_amd64.deb
7be8de24602084eabf3f6efb8e0464d7400a396466351ddbd364dd1325165fc1 167182 libavfilter5_11.6-1~deb8u1_amd64.deb
5d31a5f8c9cf64e5156a06a6f79fdd0e3f98f1d74ce6b235d0c0fa078f0dd71e 140128 libswscale3_11.6-1~deb8u1_amd64.deb
5f4908487d7890fef5f1df410cb4ed5300915ff47aa55194c66da6d9b0e8cbe8 189038 libavutil-dev_11.6-1~deb8u1_amd64.deb
b749a8e60c331b2dfccb11cb2d11973446e31bd823efaac15e44e6555235ab45 3426848 libavcodec-dev_11.6-1~deb8u1_amd64.deb
353468df821689fe396a2eaaf62bfa8e9bfb12a409ae56bbb150892c3dcac264 89866 libavdevice-dev_11.6-1~deb8u1_amd64.deb
ce82ec62cfbe41e6b8381583e24b5bb5ab8c610c3b1f4887fae9bb9cc609178f 686234 libavformat-dev_11.6-1~deb8u1_amd64.deb
9ce480a444d936009290ea12ad7b4177d258e80535c635ddeada5034441ffee3 198300 libavfilter-dev_11.6-1~deb8u1_amd64.deb
2cb40b69393f8a463e2c21b32baf6cde16b5cda0b3957e25eeb03a31813edf0a 152920 libswscale-dev_11.6-1~deb8u1_amd64.deb
8a453b54bad1abce9698b6a3d33f2f48d8f5fd1fa15f045bb76b6bb175565bc1 108096 libavresample-dev_11.6-1~deb8u1_amd64.deb
1e5d3b8d7ac6a57ca43679c39afed5fb3d33443e4635342ed15d855df8773dc8 99224 libavresample2_11.6-1~deb8u1_amd64.deb
dc8fd0fb0b0071c8d3ff56fc397aa839c221a6d6ff1c4050ded4cfcaabcfd3ff 3107144 libavcodec-extra-56_11.6-1~deb8u1_amd64.deb
Files:
591cf48e42a8ea63a74fbbf50477511a 3973 libs optional libav_11.6-1~deb8u1.dsc
894ea5e193a4fa129ca527d9a33a9ffc 4860268 libs optional libav_11.6.orig.tar.xz
5dadf69e613c5d02b9ea2b3b8820c8bb 70228 libs optional libav_11.6-1~deb8u1.debian.tar.xz
6395e9e42eb3d4575f06d655cb0efad3 18703568 doc optional libav-doc_11.6-1~deb8u1_all.deb
11099c5e81f9733b6b89f8dbadf89448 61902 metapackages extra libavcodec-extra_11.6-1~deb8u1_all.deb
8623396bfb6304ad542e32d18a72eed6 469854 video optional libav-tools_11.6-1~deb8u1_amd64.deb
d45c61fc83b7b51b15263dc304e3be0e 21588094 debug extra libav-dbg_11.6-1~deb8u1_amd64.deb
2c38f79428b5e69af5c4a9bd79bbfe5e 126770 libs optional libavutil54_11.6-1~deb8u1_amd64.deb
b9641b806173a4446c5ee91f8aebb1e0 3103398 libs optional libavcodec56_11.6-1~deb8u1_amd64.deb
78572649eff311e541e47d31036ae10e 86774 libs optional libavdevice55_11.6-1~deb8u1_amd64.deb
66897f08b66572cb00fb52be817ef95b 581622 libs optional libavformat56_11.6-1~deb8u1_amd64.deb
42064339502e7cf4fb433c7584c33a1d 167182 libs optional libavfilter5_11.6-1~deb8u1_amd64.deb
bca7692406eaf1056ba915be874d9c0c 140128 libs optional libswscale3_11.6-1~deb8u1_amd64.deb
428d28f193e51215c9b04ef6fb3fa74b 189038 libdevel optional libavutil-dev_11.6-1~deb8u1_amd64.deb
3f32b6063305083ba7db81046516e647 3426848 libdevel optional libavcodec-dev_11.6-1~deb8u1_amd64.deb
6d633b2d65aca1fd7a6d5f53349862a0 89866 libdevel optional libavdevice-dev_11.6-1~deb8u1_amd64.deb
6be7666af96abeebbed067b8b8b173ff 686234 libdevel optional libavformat-dev_11.6-1~deb8u1_amd64.deb
b075dfcad4ffbdfd62b777080ca18899 198300 libdevel optional libavfilter-dev_11.6-1~deb8u1_amd64.deb
042cd61615e3c228fe8edb5c1d61b1d6 152920 libdevel optional libswscale-dev_11.6-1~deb8u1_amd64.deb
70342f5411daef9cf4dc4d1784be882a 108096 libdevel optional libavresample-dev_11.6-1~deb8u1_amd64.deb
869a66324662a2a6fee30a0078e59903 99224 libs optional libavresample2_11.6-1~deb8u1_amd64.deb
31383057b337f61dcfbfcd9b01a6093f 3107144 libs optional libavcodec-extra-56_11.6-1~deb8u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJW13HLAAoJEGny/FFupxmTWB8P/2LT0RCtbgLmluw9Go2Dpm6T
XcAJlCqDqdJppNC6W8vdKVsGiU6hnjPqeGqo18jPvkwd/wxGvej6mL8wziJzA8nf
QzFzkBMcgBb0SlgufFmVtxxePoU0NwrA2xh9/cQHAVm4pN3DKKt3LdA6o3wvRbL7
r8TXcuJ0pt5rkp/xzyJqyk59a6kgzBn6O9+j8uIla9REciS+jcBtEOGJSm7R8PMW
hKcST1YaQmF5vpFVCu7090A9hbLLaT4O/s/TDhy1UPCU7LUBBYh4MBUS4vuBjhdt
9/HZYd1X2X5Y6mAscsw1pEtrvPuUUXpyECI/ZUnm8dwFBRfrBbJPREbvJQt3G6i6
2qNZXe1TIwWK9ZVSPX4wXvVdu8ahV1IXr4pgZ/CTOQPdyiBTT2yoCHOVev7GS/rr
xdl9Y3hWLobPWSz4tVuRrrCvNdjQqkaQUlkKrda90Lhg9h4qizPh5775v9y+xIcZ
exozXsZrVHDTPqx+WGYrO6r/NQv00qw5ttuNWYrEeHlfIuTYY4z7WScm7ZCvUu06
5t2KbyV0eGhn5iU1cToUtJvLa83uIqKXKH/xhpYYZwwPHWn5clm3pBoT/42+RanW
14rwV6eD5E6ekJAXN5jgu7GFau+9Cly5XRizXI+dx6txVSRKR8n7pXufVCQdIeWh
m/4ihL9PgF2bnBovORY2
=VkX4
-----END PGP SIGNATURE-----
