Candidate: CVE-2012-2799 PublicDate: 2012-09-10 22:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2799 http://www.openwall.com/lists/oss-security/2012/09/02/4 http://www.openwall.com/lists/oss-security/2012/08/31/3 http://secunia.com/advisories/50468 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3 http://ffmpeg.org/security.html Description: Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset." Ubuntu-Description: Notes: mdeslaur> ffmpeg-extra in multiverse needs to have matching version mdeslaur> libav-extra is built with tarball produced by libav package mdeslaur> no wmalossless in 0.8.x and older Bugs: Priority: low Discovered-by: Assigned-to: CVSS: Patches_ffmpeg: upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3 upstream_ffmpeg: released (0.11) hardy_ffmpeg: ignored (reached end-of-life) lucid_ffmpeg: not-affected natty_ffmpeg: DNE oneiric_ffmpeg: DNE precise_ffmpeg: DNE quantal_ffmpeg: DNE devel_ffmpeg: DNE Patches_ffmpeg-extra: upstream_ffmpeg-extra: needs-triage hardy_ffmpeg-extra: DNE lucid_ffmpeg-extra: not-affected natty_ffmpeg-extra: DNE oneiric_ffmpeg-extra: DNE precise_ffmpeg-extra: DNE quantal_ffmpeg-extra: DNE devel_ffmpeg-extra: DNE Patches_libav: upstream: http://git.libav.org/?p=libav.git;a=commit;h=d65d8347314b645051e336aed141aaf32a6c0d02 (trunk) upstream_libav: needs-triage hardy_libav: DNE lucid_libav: DNE natty_libav: ignored (reached end-of-life) oneiric_libav: not-affected precise_libav: not-affected quantal_libav: not-affected devel_libav: not-affected Patches_libav-extra: upstream_libav-extra: needs-triage hardy_libav-extra: DNE lucid_libav-extra: DNE natty_libav-extra: ignored (reached end-of-life) oneiric_libav-extra: not-affected precise_libav-extra: not-affected quantal_libav-extra: not-affected devel_libav-extra: not-affected