From: Raspbian automatic forward porter <root@raspbian.org>
Date: Thu, 10 Jan 2019 10:19:28 +0000 (+0000)
Subject: Merge version 6:11.12-1~deb8u1+rpi1 and 6:11.12-1~deb8u4 to produce 6:11.12-1~deb8u4... 
X-Git-Tag: raspbian/6%11.12-1_deb8u4+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=ffdd152b01cb1d4f9ac354b9766e673d0712e724;p=libav.git

Merge version 6:11.12-1~deb8u1+rpi1 and 6:11.12-1~deb8u4 to produce 6:11.12-1~deb8u4+rpi1
---

5bbca8dc0bc83234118413581464630c6ea1a98d
diff --cc debian/changelog
index f1141b0,b4dcbb7..287a610
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,19 -1,104 +1,121 @@@
- libav (6:11.12-1~deb8u1+rpi1) jessie-staging; urgency=medium
++libav (6:11.12-1~deb8u4+rpi1) jessie-staging; urgency=medium
 +
 +  [changes brought forward from 6:11.3-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 29 Mar 2015 02:07:33 +0000]
 +  * Add special case handling for Raspbian (and any derivatives thereof) (Closes: 738760)
 +    + Disable armv6t2
 +      - note: the thumb2 variant of arv6 seems to be very rare, the Pi certainly
 +        doesn't have it.
 +    + Disable neon in the main build.
 +    + Don't build a seperate neon flavour either.
 +
 +  [changes brought forward from 6:11.4-1~deb8u1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Thu, 11 Feb 2016 15:58:25 +0000]
 +  * Re-enable specific neon build.
 +  * Move armv6t2 and neon disabling from overall configure flags to static
 +    and shared configure flags so they don't impact the neon-specific build.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Wed, 21 Feb 2018 03:02:59 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 10 Jan 2019 10:19:28 +0000
++
+ libav (6:11.12-1~deb8u4) jessie-security; urgency=high
+ 
+   * Non-maintainer upload by the LTS team.
+   * Fix the following security vulnerabilities:
+   * CVE-2017-14055: a DoS in mv_read_header() due to lack of an EOF (End of
+     File) check might cause huge CPU and memory consumption.
+   * CVE-2017-14056: a DoS in rl2_read_header() due to lack of an EOF (End of
+     File) check might cause huge CPU and memory consumption.
+   * CVE-2017-14057: a DoS in asf_read_marker() due to lack of an EOF (End of
+     File) check might cause huge CPU and memory consumption.
+   * CVE-2017-14170: a DoS in mxf_read_index_entry_array() due to lack of an EOF
+     (End of File) check might cause huge CPU consumption.
+   * CVE-2017-14171: a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End
+     of File) check might cause huge CPU consumption.
+   * CVE-2017-14767: The sdp_parse_fmtp_config_h264 function in
+     libavformat/rtpdec_h264.c mishandles empty sprop-parameter-sets values, which
+     allows remote attackers to cause a denial of service (heap buffer overflow)
+     or possibly have unspecified other impact via a crafted sdp file.
+   * CVE-2017-15672: The read_header function in libavcodec/ffv1dec.c allows
+     remote attackers to have unspecified impact via a crafted MP4 file, which
+     triggers an out-of-bounds read.
+   * CVE-2017-17130: The ff_free_picture_tables function in
+     libavcodec/mpegpicture.c allows remote attackers to cause a denial of service
+     (heap-based buffer overflow and application crash) or possibly have
+     unspecified other impact via a crafted file, related to
+     vc1_decode_i_blocks_adv.
+   * CVE-2017-9993: Libav does not properly restrict HTTP Live Streaming
+     filename extensions and demuxer names, which allows attackers to read
+     arbitrary files via crafted playlist data.
+   * CVE-2017-9994: libavcodec/webp.c in Libav before does not ensure that
+     pix_fmt is set, which allows remote attackers to cause a denial of service
+     (heap-based buffer overflow and application crash) or possibly have
+     unspecified other impact via a crafted file, related to the
+     vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions.
+   * CVE-2018-14394: libavformat/movenc.c in Libav allows attackers to cause a
+     denial of service (application crash caused by a divide-by-zero error) with a
+     user crafted Waveform audio file.
+   * CVE-2018-1999010: Libav contains multiple out of array access
+     vulnerabilities in the mms protocol that can result in attackers accessing
+     out of bound data.
+   * CVE-2018-6621: The decode_frame function in libavcodec/utvideodec.c in
+     Libav allows remote attackers to cause a denial of service (out of array
+     read) via a crafted AVI file.
+   * CVE-2018-7557: The decode_init function in libavcodec/utvideodec.c in
+     Libav allows remote attackers to cause a denial of service (Out of array
+     read) via an AVI file with crafted dimensions within chroma subsampling
+     data.
+ 
+  -- Markus Koschany <apo@debian.org>  Mon, 07 Jan 2019 19:45:12 +0100
+ 
+ libav (6:11.12-1~deb8u3) jessie-security; urgency=medium
+ 
+   * Non-maintainer upload by the Debian LTS Team.
+   * debian/patches:
+     + Rename CVE-2015-6822+6823+6824.patch to CVE-2015-6822.patch..
+   * CVE-2015-6823: avcodec/alac: Clear pointers in allocate_buffers().
+   * CVE-2015-6824: swscale/utils: Clear pix buffers. Fixes use of
+     uninitialized memory.
+ 
+  -- Mike Gabriel <sunweaver@debian.org>  Thu, 20 Dec 2018 22:56:40 +0100
+ 
+ libav (6:11.12-1~deb8u2) jessie-security; urgency=medium
+ 
+   * Non-maintainer upload by the Debian LTS Team.
+   * CVE-2014-9317: avcodec/pngdec: Check IHDR/IDAT order. Prevent remote
+     attackers from causing a denial of service (out-of-bounds heap access)
+     and possibly have other unspecified impact via an IDAT before an IHDR 
+     in a PNG file.
+   * CVE-2015-6761: avcodec/vp8: Do not use num_coeff_partitions in
+     thread/buffer setup. The variable is not a constant and can lead to
+     race conditions.
+   * CVE-2015-6818: avcodec/pngdec: Only allow one IHDR chunk. Multiple IHDR
+     chunks are forbidden in PNG. Fixes inconsistency and out of array accesses.
+   * CVE-2015-6820: avcodec/aacsbr: check that the element type matches before
+     applying SBR. Fixes out of array access.
+   * CVE-2015-6821: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init().
+     This ensures that no stale pointers leak through on any path.
+   * CVE-2015-6822, CVE-2015-6823, CVE-2015-6824: avcodec/sanm: Reset sizes in
+     destroy_buffers().
+   * CVE-2015-6825: avcodec/pthread_frame: clear priv_data, avoid stale pointer
+     in error case.
+   * CVE-2015-6826: avcodec/rv34: Clear pointers in
+     ff_rv34_decode_init_thread_copy(). Avoids leaving stale pointers.
+   * CVE-2015-8216: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan()
+     before using it. Fixes out of array access.
+   * CVE-2015-8217: avcodec/hevc_ps: Check chroma_format_idc. Fixes out of
+     array access.
+   * CVE-2015-8363: avcodec/jpeg2000dec: Check for duplicate SIZ marker.
+   * CVE-2015-8364: avcodec/ivi: Check image dimensions. Fixes integer overflow.
+   * CVE-2015-8661: avcodec/h264_slice: Limit max_contexts when
+     slice_context_count is initialized. Fixes out of array access.
+   * CVE-2015-8662: avcodec/jpeg2000dwt: Check ndeclevels before calling
+     dwt_decode*(). Fixes out of array access.
+   * CVE-2015-8663: avcodec/utils: Clear dimensions in ff_get_buffer() on
+     failure. Fixes out of array access.
+   * CVE-2016-10190: http: make length/offset-related variables unsigned.
+     Required cherry-picking 3668701f and 362c17e6 from ffmpeg.git.
+   * CVE-2016-10191: avformat/rtmppkt: Check for packet size mismatches.
+     Fixes out of array access.
+ 
+  -- Mike Gabriel <sunweaver@debian.org>  Wed, 19 Dec 2018 14:31:49 +0100
  
  libav (6:11.12-1~deb8u1) jessie-security; urgency=medium