Re: wheezy update for libav

To: Diego Biurrun <diego@biurrun.de>
Cc: debian-lts@lists.debian.org
Subject: Re: wheezy update for libav
From: Hugo Lefeuvre <hle@debian.org>
Date: Wed, 11 Jan 2017 21:14:52 +0100
Message-id: <[🔎] 20170111201452.f6vttmskftat3ox5@hle.local>
In-reply-to: <[🔎] 20170111100920.GE17342@dream>
References: <20161003160551.7zqkvp7xfc7qpccr@hle.local> <20161004172650.GP5584@spawn.fritz.box> <20161025083804.zvy2rzibmxjfwa4g@hle.local> <20161028174327.GA3752@dream> <20161103092959.53nrvhlhvqixmin5@hle.local> <20161117183159.GW21493@dream> <20161209172007.scxoge4mnguggbpc@hle.local> <20161210152330.GN7761@dream> <[🔎] 20170106103249.wjmszutgkuidpm25@hle.local> <[🔎] 20170111100920.GE17342@dream>

Hi Diego,

I've prepared the update, it should be uploaded soon.

> > I've had a look at the new CVEs reported for libav. I managed to
> > reproduce CVE-2016-98{21,22} (avconv crashes with segfault), but
> > cherry picking the fix[0,1,2] for these issues doesn't seem to fix
> > the problem.
> 
> It would help me to know which problem is CVE 21 and which is 22 so
> that I can mark the fixing commits correctly in Git.

See https://marc.info/?l=oss-security&m=148090747301705&w=2

By the way, what about the patches I submitted here[0] ?

Cheers,
 Hugo

[0] https://lists.debian.org/debian-lts/2016/12/msg00058.html

-- 
             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: wheezy update for libav
  - From: "Diego Biurrun" <diego@biurrun.de>

References:
- Re: wheezy update for libav
  - From: Hugo Lefeuvre <hle@debian.org>
- Re: wheezy update for libav
  - From: "Diego Biurrun" <diego@biurrun.de>

Prev by Date: Re: Wheezy update of w3m?
Next by Date: Re: Testing Asterisk for Wheezy LTS
Previous by thread: Re: wheezy update for libav
Next by thread: Re: wheezy update for libav
Index(es):
- Date
- Thread