Debian Security Advisory

DSA-3506-1 libav -- security update

Date Reported:
04 Mar 2016
Affected Packages:
libav
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2016-1897, CVE-2016-1898, CVE-2016-2326.
More information:

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

For the oldstable distribution (wheezy), these problems have been fixed in version 6:0.8.17-2.

For the stable distribution (jessie), libav has been updated to 6:11.6-1~deb8u1 which brings several further bugfixes as detailed in the upstream changelog: https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.6

We recommend that you upgrade your libav packages.