You are here
Home > Preporuke > Ranjivosti programskog paketa libav

Ranjivosti programskog paketa libav

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2103-1
February 11, 2014

libav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 13.10
– Ubuntu 12.10
– Ubuntu 12.04 LTS

Summary:

Libav could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
– libav: Multimedia player, server, encoder and transcoder

Details:

It was discovered that Libav incorrectly handled certain malformed media
files. If a user were tricked into opening a crafted media file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
libavcodec53 6:0.8.10-0ubuntu0.13.10.1
libavformat53 6:0.8.10-0ubuntu0.13.10.1

Ubuntu 12.10:
libavcodec53 6:0.8.10-0ubuntu0.12.10.1
libavformat53 6:0.8.10-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libavcodec53 4:0.8.10-0ubuntu0.12.04.1
libavformat53 4:0.8.10-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
http://www.ubuntu.com/usn/usn-2103-1
https://launchpad.net/bugs/1277173

Package Information:
https://launchpad.net/ubuntu/+source/libav/6:0.8.10-0ubuntu0.13.10.1
https://launchpad.net/ubuntu/+source/libav/6:0.8.10-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libav/4:0.8.10-0ubuntu0.12.04.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS+mPyAAoJEGVp2FWnRL6TGZ8P/jE5Oz4o/Atf22SNwBI1lUHK
hZWPnpeKG7g3NW35YAty+pNZrMyuBsX4GbZZxwejrx0NrEGma5KkI82zZb2VkoY7
LVN3MNOy6RGSCq5TgNVL1p0bjPy5CHstwaRgPle6H8CtdzAulZ9Jt+Esns7uJvuR
/xdxHD4bmuhDLph4QxwhsKBVwp/iRqregp1xJ2Ch/UIfNtUFLtAzcTJZm1KBJkWJ
mZZAxeQer6HmiYqqsDhAqvlqE4MVFaiiCP+P/PrLlGZJrIaRab5YgRmZwj26Mo3R
vTHS52PUXReR3oDT+dr3pmuMAFzTUgR9PHtT/QTNH8SPJKA4NCa9Ph271b/r5DV7
oj7tXuwIldKyD1fjemHkvPa41ahXvDeShFrFxpgPHOKWY6wYgas+IQhTtN8QbCJ9
p8lae51ARYiYckXZY4mYDUUkIxofJscLqHpseLq+kQH3C14P6EUEEiTsKrvQz6H9
8uS0zydMzfoOj7cM+D+OAJn7MWYQ3wjtPq2MYCSWPcPlToxxs3NMy6wIV9lfsbJZ
9QLKr+4wNMOkWG1uLq4FD9mT9tIreldxHUYi8IWv6Njgg2llRFwDpeS0m4TuUhln
dKV9pp+USROa8nz6djo33fGMVwWp9Y873vZISqvgjLTYGhUOS5mjA7Fzb7Ztv1c2
KH2wJLEsY7XQZEdSRgaH
=y28U
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Višestruke ranjivosti programskog paketa pidgin

Izdane su zakrpe za otklanjanje višestrukih ranjivosti programskog paketa pidgin za Mandriva Enterprise Server 5.0. Ranjivosti su posljedica višestrukih prekoračenja...

Close