Bugzilla – Bug 488309
theora is no longer in beta
Last modified: 2011-02-18 00:17:04 UTC
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.7) Gecko/2009022800 SUSE/3.0.7-1.1.6 Firefox/3.0.7 The libtheora package needs to be upgraded - it's no longer in beta and has hit 1.0! Reproducible: Always Steps to Reproduce: 1. 2. 3.
There are potential security implications with the current beta libtheora version, which makes libtheora 1.0 a candidate for backporting to opensuse 11.1 == QUOTE http://lists.xiph.org/pipermail/commits/2008-October/014210.html == r15403 trunk/theora/lib/dec/decode.c Boundary case conditonals for strong deringing were backwards, leading to a possible out-of-bounds access. Fortunately, this particular test seems to have occurred so seldom in practice that it never tripped valgrind. == == == == == QUOTE http://lists.xiph.org/pipermail/commits/2008-October/014173.html == r15371 trunk/theora/lib/enc Fix segfault when exactly one of the width or height is not a multiple of 16, but the other is. Also actually compute the correct vertical offset for chroma. == == == == During this summer, many web browsers (Opera, webkit-based ones, and Firefox) will be rolling out their implementations of HTML5 video. Since they will probably be using this multimedia library, it seems prudent to get the most stable version in version of opensuse that will be in use during that time.
will be done in factory I guess. issues dont look really security relevant to me as is
We are now in openSUSE 11.3, about ready for 11.4 libtheora0 is at 1.1.1 This bug can be closed.