CVE-2012-0947

NameCVE-2012-0947
DescriptionHeap-based buffer overflow in the vqa_decode_chunk function in the VQA ...
SourceCVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more)
ReferencesDSA-2471-1
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ffmpeg (PTS)squeeze, squeeze (security)4:0.5.10-1fixed
libav (PTS)wheezy6:0.8.9-1fixed
wheezy (security)6:0.8.10-1fixed
jessie, sid6:9.11-3fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ffmpegsource(unstable)(unfixed)
ffmpegsourcesqueeze4:0.5.8-1DSA-2471-1
libavsource(unstable)6:0.8.2-1

Notes

https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
http://www.openwall.com/lists/oss-security/2012/05/03/4

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)