Bug#654573: Bug#654534: libav: multiple security issues

2012-01-07 Thread Reinhard Tartler
On Wed, Jan 4, 2012 at 1:35 AM, Michael Gilbert wrote: > the following CVE (Common Vulnerabilities & Exposures) ids were > published for libav. > > CVE-2011-3895[2]: > | Heap-based buffer overflow in the Vorbis decoder in Google Chrome > | before 15.0.874.120 allows remote attackers to cause a den

Processed: Re: Bug#654534: libav: multiple security issues

2012-01-04 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > clone 654534 -1 -2 -3 Bug#654534: libav: multiple security issues Bug 654534 cloned as bugs 654571-654573. > retitle -1 CVE-2011-3892: Double free vulnerability in the Theora decoder Bug #654571 [libav] libav: multiple security issues C

Bug#654534: libav: multiple security issues

2012-01-04 Thread Reinhard Tartler
clone 654534 -1 -2 -3 retitle -1 CVE-2011-3892: Double free vulnerability in the Theora decoder retitle -2 CVE-2011-3893: DoS in MKV demuxer retitle -3 CVE-2011-3895: heap-based buffer overflow in vorbis decoder forwarded -1 http://bugzilla.libav.org/show_bug.cgi?id=189 forwarded -2 http://bugzilla

Processed: Re: Bug#654534: libav: multiple security issues

2012-01-04 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > tag 654534 -patch Bug #654534 [libav] libav: multiple security issues Removed tag(s) patch. > stop Stopping processing here. Please contact me if you need assistance. -- 654534: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654534 Debian Bug

Bug#654534: libav: multiple security issues

2012-01-04 Thread Reinhard Tartler
tag 654534 -patch stop On Mi, Jan 04, 2012 at 01:48:01 (CET), Michael Gilbert wrote: > Note patches are available on the CVE pages for these issues: > http://security-tracker.debian.org/tracker/source-package/libav Please send the patches as attachments to this bug. I'm having a hard time to loc

Bug#654534: libav: multiple security issues

2012-01-03 Thread Michael Gilbert
tag 654534 patch thanks Note patches are available on the CVE pages for these issues: http://security-tracker.debian.org/tracker/source-package/libav -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.or

Bug#654534: libav: multiple security issues

2012-01-03 Thread Michael Gilbert
Package: libav Version: 4:0.7.3-2 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for libav. CVE-2011-3892[0]: | Double free vulnerability in the Theora decoder in Google Chrome | before 15.0.874.120 allows remote attackers to cause a