Bug 256 - [UPDATE REQUEST] ffmpeg 0.7.11 -> 0.7.12
: [UPDATE REQUEST] ffmpeg 0.7.11 -> 0.7.12
Status: RESOLVED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Marathon
: All Linux
: Normal enhancement
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-21 13:45 MSD by Andrey Bondrov
Modified: 2012-06-01 14:04 MSD (History)
3 users (show)

See Also:
RPM Package: ffmpeg-0.7.12-1.src.rpm & ffmpeg-0.7.12-1plf.src.rpm
ISO-related:
Bad POT generating:
Upstream:
alexander.petryakov: qa_verified+
dmitry.romashkin: secteam_verified+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrey Bondrov 2012-05-21 13:45:55 MSD
Rosa 2012 LTS comes with FFmpeg 0.7.11. New bugfix release 0.7.12 is available now.

Advisory:
"0.7.12 contains almost all features and bugfixes of 0.8.11 while being compatible with the 0.6 ABI and API. Fixes: 
- CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
- several security issues that dont have CVE numbers
- and about 150 bugfixes"
Comment 1 Andrey Bondrov 2012-05-21 13:50:38 MSD
Packages for "main" version:
https://abf.rosalinux.ru/build_lists/549565
https://abf.rosalinux.ru/build_lists/549568

Pacakges for "restricted" version:
https://abf.rosalinux.ru/build_lists/549572
https://abf.rosalinux.ru/build_lists/549571

Advisory:
"0.7.12 contains almost all features and bugfixes of 0.8.11 while being compatible with the 0.6 ABI and API. Fixes: 
- CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
- several security issues that dont have CVE numbers
- and about 150 bugfixes"
Comment 2 Alexander Petryakov 2012-05-31 02:00:35 MSD
************** Advisory **************
"0.7.12 contains almost all features and bugfixes of 0.8.11 while being compatible with the 0.6 ABI and API. Fixes: 
- CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
- several security issues that dont have CVE numbers
- and about 150 bugfixes"
**************************************
QA Verified
Comment 3 Dmitry Romashkin 2012-05-31 08:41:23 MSD
Hello, considering version 0.7.12 it is secteam verified. But better (now or later) update for version 0.11 from May 25. There are some additional security patches.

http://ffmpeg.org/
May, 25, 2012, FFmpeg 0.11
We have made a new major release (0.11) It contains all features and bugfixes of the git master branch. A partial list of new stuff is below:
Fixes:CVE-2012-2772, CVE-2012-2774, CVE-2012-2775, CVE-2012-2776, CVE-2012-2777,
      CVE-2012-2779, CVE-2012-2782, CVE-2012-2783, CVE-2012-2784, CVE-2012-2785,
      CVE-2012-2786, CVE-2012-2787, CVE-2012-2788, CVE-2012-2789, CVE-2012-2790,
      CVE-2012-2791, CVE-2012-2792, CVE-2012-2793, CVE-2012-2794, CVE-2012-2795,
      CVE-2012-2796, CVE-2012-2797, CVE-2012-2798, CVE-2012-2799, CVE-2012-2800,
      CVE-2012-2801, CVE-2012-2802, CVE-2012-2803, CVE-2012-2804,
Comment 4 Andrey Bondrov 2012-05-31 09:56:15 MSD
(In reply to comment #3)
> Hello, considering version 0.7.12 it is secteam verified. But better (now or
> later) update for version 0.11 from May 25. There are some additional
> security patches.

0.11 is not compatible with the 0.6 ABI and API so we'll need to rebuild and fix lots of packages after update.
Comment 5 Dmitry Romashkin 2012-06-01 14:04:10 MSD
*** Bug 297 has been marked as a duplicate of this bug. ***