CVE-2011-4351
Priority
Medium
Description
An error within the QDM2 decoder (libavcodec/qdm2.c) can be
exploited to cause a buffer overflow.
exploited to cause a buffer overflow.
References
Notes
mdeslaur> ffmpeg-extra in multiverse needs to have matching version
mdeslaur> libav-extra is built with tarball produced by libav package
mdeslaur> This fixes NGS00144
mdeslaur> As of 2011-12-22, libav is missing the last two commits, but
mdeslaur> upstream says they aren't necessary.
mdeslaur> libav-extra is built with tarball produced by libav package
mdeslaur> This fixes NGS00144
mdeslaur> As of 2011-12-22, libav is missing the last two commits, but
mdeslaur> upstream says they aren't necessary.
Assigned-to
mdeslaur
Package
| Upstream: | released (0.7.3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | released (4:0.6.4-0ubuntu0.11.04.1) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (4:0.7.3-0ubuntu0.11.10.1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (4:0.7.3-2ubuntu1) |
Patches:
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (4:0.5.1-1ubuntu1.3) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (4:0.5.1-1ubuntu1.3) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Patches:
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | released (4:0.6.4-1ubuntu1) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (4:0.7.3ubuntu0.11.10.1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (4:0.7.3ubuntu1) |