1) Some errors within the libavcodec library when parsing ASF, QT, and WMV files can be exploited to corrupt memory. 2) An error within the "ff_compute_band_indexes()" function (libavcodec/mpegaudiodec.c) can be exploited to corrupt memory. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Solution Upgrade to version 1.0.
0.10.5 should have all the sec fixes from 1.0; did you check? 1.0 is certainly not ready to go stable.
(In reply to comment #1) > 0.10.5 should have all the sec fixes from 1.0; did you check? 1.0 is > certainly not ready to go stable. At least #2 in c0 is not fixed in 0.10.5. Upstream commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=94041febc53a6da10e34c2bfff9ff1d580fdce60
(In reply to comment #2) > (In reply to comment #1) > > 0.10.5 should have all the sec fixes from 1.0; did you check? 1.0 is > > certainly not ready to go stable. > > At least #2 in c0 is not fixed in 0.10.5. Upstream commit: > http://git.videolan.org/?p=ffmpeg.git;a=commitdiff; > h=94041febc53a6da10e34c2bfff9ff1d580fdce60 well, this commit mentions the problem was introduced by: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b37d945dd4213cb8e92146571b0374cd45d52286 which neither is in 0.10.5
This issue was resolved and addressed in GLSA 201310-12 at http://security.gentoo.org/glsa/glsa-201310-12.xml by GLSA coordinator Sean Amoss (ackle).
