On Di, Sep 13, 2011 at 09:43:11 (PDT), Moritz Muehlenhoff wrote: > Package: libav > Severity: important > > The following was reported by oCERT: > http://www.ocert.org/advisories/ocert-2011-002.html > > A CVE ID is not yet available, I will be requesting one. This is unfixed > in libav from sid. The ffmpeg fix can be found here: > http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c5cbda50793e311aa73489d12184ffd6761c9fbf
Libav upstream believes that patch doesn't fix anything, but provides the following one instead: http://git.libav.org/?p=libav.git;a=commitdiff;h=bd968d260aef322fb32e254a3de0d2036c57bd56 (btw, it seems ffmpeg has in the meantime merged this one as well) Cheers, Reinhard -- Gruesse/greetings, Reinhard Tartler, KeyID 945348A4 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
