-
libav (6:0.8.9-0ubuntu0.13.04.1) raring-security; urgency=low
* Update to 0.8.9 to fix multiple security issues (LP: #1249621)
-- Marc Deslauriers <email address hidden> Sat, 09 Nov 2013 10:48:01 -0500
-
libav (6:0.8.8-0ubuntu0.13.04.1) raring-security; urgency=low
* Update to 0.8.8 to fix multiple security issues (LP: #1242802)
-- Marc Deslauriers <email address hidden> Mon, 21 Oct 2013 13:43:38 -0400
-
libav (6:0.8.6-1ubuntu2) raring; urgency=low
* Put back the dh_strip invocations. Otherwise, no .ddebs will be
available at all.
-- Reinhard Tartler <email address hidden> Sat, 30 Mar 2013 22:41:36 +0100
-
libav (6:0.8.6-1ubuntu1) raring; urgency=low
* Merge from debian/unstable, LP: #1160734, remaining changes:
- don't build against libdirac, lame, libopenjpeg, librtmp, frei0r,
vo-aacenc, vo-amrenc, x264, and xvid (all in universe)
- do not build libav-extra-dbg, it is build from the libav-extra source
package in ubuntu.
- drop libav-regular-dbg, not necessary in ubuntu
- Adjust LIB_PKGS/LIB_PKGS2 lists in debian/rules
- several ifdefs in debian/rules that allow the use of the same file
in libav and libav-extra (most of this can be merged into the debian
package)
* Tested that co-instability of libavcodec-dev with libavcodec-extra-53 works.
LP: #1143929, #1101829
* Remove all debug packages. In ubuntu, we provide debug symbols via the
.ddeb infrastructure.
libav (6:0.8.6-1) unstable; urgency=low
* Imported Upstream version 0.8.6, new releases fixes:
- h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
- iff: validate CMAP palette size (CVE-2013-2495)
- msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496)
- vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
- Thus, closes: #703200
libav (6:0.8.5-1) unstable; urgency=low
* New upstream security/bugfix release. New releases fixes
(bug numbers reference http://bugzilla.libav.org, Closes: #694483)
- Indeo 4 (CVE-2012-2791)
- VP5/VP6 (CVE-2012-2783)
- Indeo 3 (CVE-2012-2804)
- MPEG-1/2 (CVE-2012-2803)
- MP3 (CVE-2012-2797)
- AAC (CVE-2012-5144)
- AC-3 (CVE-2012-2802)
- AVS (CVE-2012-2801)
- DFA (CVE-2012-2798)
- ID3v2 (Bug 395)
- Serious Memory leaks on broken Ogg files
* drop recordshow script. This clearly undermaintained script has
unclear copyright status and is unlikely to work properly anyway.
-- Reinhard Tartler <email address hidden> Wed, 27 Mar 2013 07:57:15 +0100
-
libav (6:0.8.5-0ubuntu1) raring; urgency=low
* Update to 0.8.5 to fix multiple security issues. (LP: #1104019)
- CVE-2012-2783
- CVE-2012-2791
- CVE-2012-2797
- CVE-2012-2798
- CVE-2012-2801
- CVE-2012-2802
- CVE-2012-2803
- CVE-2012-2804
- CVE-2012-5144
-- Marc Deslauriers <email address hidden> Thu, 24 Jan 2013 08:05:12 -0500
-
libav (6:0.8.4-0ubuntu2) raring; urgency=low
* Weaken dependencies on -dev packages. LP: #1038781
-- Reinhard Tartler <email address hidden> Sun, 09 Dec 2012 19:09:54 +0100
-
libav (6:0.8.4-0ubuntu1) raring-proposed; urgency=low
* No change rebuild for raring
libav (6:0.8.4-0ubuntu0.12.10.1) quantal-security; urgency=low
* Update to 0.8.4 to fix multiple security issues. (LP: #1075593)
- CVE-2012-2772
- CVE-2012-2775
- CVE-2012-2776
- CVE-2012-2777
- CVE-2012-2779
- CVE-2012-2784
- CVE-2012-2786
- CVE-2012-2787
- CVE-2012-2788
- CVE-2012-2789
- CVE-2012-2790
- CVE-2012-2793
- CVE-2012-2794
- CVE-2012-2796
- CVE-2012-2798
- CVE-2012-2800
- CVE-2012-2801
- CVE-2012-2802
* Removed upstreamed patches:
- 0001-h264-allow-cropping-to-AVCodecContext.width-height.patch
- 0002-mov-set-AVCodecContext.width-height-for-h264.patch
-- Jamie Strandboge <email address hidden> Fri, 16 Nov 2012 12:39:50 -0600
-
libav (6:0.8.4-0ubuntu0.12.10.1) quantal-security; urgency=low
* Update to 0.8.4 to fix multiple security issues. (LP: #1075593)
- CVE-2012-2772
- CVE-2012-2775
- CVE-2012-2776
- CVE-2012-2777
- CVE-2012-2779
- CVE-2012-2784
- CVE-2012-2786
- CVE-2012-2787
- CVE-2012-2788
- CVE-2012-2789
- CVE-2012-2790
- CVE-2012-2793
- CVE-2012-2794
- CVE-2012-2796
- CVE-2012-2798
- CVE-2012-2800
- CVE-2012-2801
- CVE-2012-2802
* Removed upstreamed patches:
- 0001-h264-allow-cropping-to-AVCodecContext.width-height.patch
- 0002-mov-set-AVCodecContext.width-height-for-h264.patch
-- Marc Deslauriers <email address hidden> Tue, 06 Nov 2012 10:29:38 -0500
-
libav (6:0.8.3-6ubuntu2) quantal; urgency=low
* Temporarily fudge the versioning of libavcodec-dev's dependency on
libavcodec-extra-53 to cope with the botched merge of libav-extra.
-- Colin Watson <email address hidden> Mon, 01 Oct 2012 11:48:25 +0100