Security Information / 2016 / Security Information -- DSA-3506-1 libav

Debian Security Advisory

DSA-3506-1 libav -- security update

Date Reported:

04 Mar 2016

Affected Packages:

libav

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-1897, CVE-2016-1898, CVE-2016-2326.

More information:

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

For the oldstable distribution (wheezy), these problems have been fixed in version 6:0.8.17-2.

For the stable distribution (jessie), libav has been updated to 6:11.6-1~deb8u1 which brings several further bugfixes as detailed in the upstream changelog: https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.6

We recommend that you upgrade your libav packages.