Re: Bug#492806: libavformat52: does not handle STR file demuxing (CVE-2008-3162)
>> Package: libavformat52
>> Version: 0.svn20080206-11
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>> ubuntu just updated their libavformat packages to patch a problem with
>> STR file demuxing . does this problem apply to debian as well? the
>> CVE number is CVE-2008-3162 .
>>  http://www.ubuntu.com/usn/usn-630-1
>>  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
> Thanks for your report but this bug is a clear dupe of #489965.
ok, i appologize, i did a quick scan of bugs in libavformat, and
somehow missed this.
there has not been a DSA to fix this problem in stable. is the
libavformat0d package vulnerable there? and if so, why isn't the
issue being tracked ?