Login


 
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Libav
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Libav
ID: USN-1674-1
Distribution: Ubuntu
Plattformen: Ubuntu 11.10
Datum: Mi, 19. Dezember 2012, 22:41
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2801

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============8503182144895838724==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enigA117F06A934D2D2096DBBBF5"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigA117F06A934D2D2096DBBBF5
Content-Type: text/plain; charset=ISO-8859-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1674-1
December 19, 2012

libav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

Libav could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
- libav: Multimedia player, server, encoder and transcoder

Details:

It was discovered that Libav incorrectly handled certain malformed media
files. If a user were tricked into opening a crafted media file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
libavcodec53 4:0.7.6-0ubuntu0.11.10.2
libavformat53 4:0.7.6-0ubuntu0.11.10.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1674-1
CVE-2012-2772, CVE-2012-2775, CVE-2012-2777, CVE-2012-2779,
CVE-2012-2784, CVE-2012-2786, CVE-2012-2788, CVE-2012-2789,
CVE-2012-2790, CVE-2012-2793, CVE-2012-2794, CVE-2012-2798,
CVE-2012-2800, CVE-2012-2801

Package Information:
https://launchpad.net/ubuntu/+source/libav/4:0.7.6-0ubuntu0.11.10.2



--------------enigA117F06A934D2D2096DBBBF5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQ0cVsAAoJEGVp2FWnRL6TAFcQALpQxS7so0CwvJsPcH5a78IK
Ugg09Sxo9XMqrlPLtXlQ4HqGTKPP/k7knVJlxTYNLSQ9TImF61QftqPkUmmg7sM+
wKjLd9dYrJaQtIw3de0k3r6dMdpQXYF1aAXDsd/kg+bQ98d/SwnpYeX8/xvgVWB/
nB8yfcXahZxOl6UjqxEbBQiuzPvy06BbT/RzCqj+czFHHSvFEHjLtjd8GFsTGd0k
wqx3n42zfaRea+x81QZdhGGA6MoL5HdUVxzH2iLHyWRsJgk2kq1ulE4qlUNzG+hk
UGSIJPcztw9Pd3aJzgYtZlrxlrfCpK1X0DrH5wF04RqeEFmghTM16mRMjCQF5SW/
hCESHdqn/UTLFI+J9Z0AqT6Mn1lsXoiW9BiuvbiKbMgZjlRtWP/Iw72oFdSJb4Yg
SREmK2p/o2mnUvcARKlLPH+cbaQDy4o57hH1AN3/MmXTDBoW7o/KmRxM4tOrVJY+
KsL/TFjzVkF0OLq0kl9fL4gIrZlK/ePZkPudJ1asHMG9BfdjjojjRN/GBVfmuM1D
eJCeT4+mBHHCGg65/bbYGISVyzFFCfVQPXVt2N8eFGvHZ9mq4tBZKpYSj4sU1Dnp
wpZ7xx+ahdpeclkcwiFxI4847mXgif7HnHbLBrTLDrVdh1Xrw489fZi3acBxsbt7
Rsu+kl2h1FqJNMJWp1Kh
=WpTQ
-----END PGP SIGNATURE-----

--------------enigA117F06A934D2D2096DBBBF5--


--===============8503182144895838724==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8503182144895838724==--
Pro-Linux
Frohe Weihnachten Fest!
Neue Nachrichten
Werbung