Change logs for libav source package in 14.09

libav (6:10.4-1) unstable; urgency=medium


  * New Upstream Release v10.3
    - mpegts: Do not try to write a PMT larger than SECTION_SIZE
              (CVE-2014-2263)
    - mpegts: Define the section length with a constant
    - ffv1dec: check that global parameters do not change in version 0/1
               (CVE-2013-7020)
    - h264: fix interpretation of interleaved stereo modes
    - svq1: do not modify the input packet
    - cdgraphics: do not return 0 from the decode function
    - cdgraphics: switch to bytestream2 (CVE-2013-3674)
    - jpeg2000: enable 4 component pixel formats
    - stereo3d: add missing include guards
    - huffyuvdec: check width size for yuv422p (CVE-2013-0848)
    - mmvideo: check horizontal coordinate too (CVE-2013-3672)
    - wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
  * build against libgnutls28-dev (Closes: #758447)

 -- Reinhard Tartler <email address hidden>  Sun, 17 Aug 2014 21:55:47 -0400

libav (6:10.3-1) unstable; urgency=medium


  * New Upstream Release v10.3
    - huffyuv: Check and propagate function return values (CVE-2013-0868)
    - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
    - pgssubdec: Check RLE size before copying (CVE-2013-0852)
    - video4linux2: Avoid a floating point exception
    - vf_select: Drop a debug av_log with an unchecked double to enum conversion
    - librtmp: Don't free the temp url at the end of rtmp_open
    - arm: Avoid using the 'setend' instruction on ARMv7 and newer
    - avplay: Handle pixel aspect ratio properly
    - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
    - pg2meet: allow size changes within original sizes
    - af_compand: make sure request_frame always outputs at least one frame

 -- Reinhard Tartler <email address hidden>  Sun, 03 Aug 2014 22:30:41 -0400