Home Feedly IFTTT USN-2244-1: Libav vulnerability

USN-2244-1: Libav vulnerability

By
Wednesday, June 11, 2014
Read
Add Comment

Ubuntu Security Notice USN-2244-1


11th June, 2014


libav vulnerability


A security issue affects these releases of Ubuntu and its derivatives:



  • Ubuntu 13.10

  • Ubuntu 12.04 LTS


Summary


Libav could be made to crash or run programs as your login if it opened a specially crafted file.


Software description



  • libav - Multimedia player, server, encoder and transcoder


Details


It was discovered that Libav incorrectly handled certain malformed media

files. If a user were tricked into opening a crafted media file, an

attacker could cause a denial of service via application crash, or possibly

execute arbitrary code with the privileges of the user invoking the

program.


Update instructions


The problem can be corrected by updating your system to the following package version:



Ubuntu 13.10:

libavformat53 6:0.8.12-0ubuntu0.13.10.1

libavcodec53 6:0.8.12-0ubuntu0.13.10.1

Ubuntu 12.04 LTS:

libavformat53 4:0.8.12-0ubuntu0.12.04.1

libavcodec53 4:0.8.12-0ubuntu0.12.04.1


To update your system, please follow these instructions: http://bit.ly/1aJDvTw.


This update uses a new upstream release, which includes additional bug

fixes. In general, a standard system update will make all the necessary

changes.


References


CVE-2014-3984






via Ubuntu Security Notices http://bit.ly/1l3d6ZW
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us