Summary: | <media-video/ffmpeg-0.7.4: Multiple vulnerabilities (CVE-2010-{3908,4704},CVE-2011-{1931,3973,3974}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alexis Ballier <aballier> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | pruzinat |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 384095 | ||
Bug Blocks: |
Description
Alexis Ballier
2011-09-08 18:09:16 UTC
Great, thank you. Arches, please test and mark stable: =media-video/ffmpeg-0.7.4 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" Archtested on x86: Everything seems fine amd64 ok amd64: pass amd64 ok Stable for HPPA. x86 stable, thanks JD arm stable amd64 done. Thank you all alpha/ia64/sparc stable There is a newer version to stabilize via bug 384095. Rerating B2, and added to existing GLSA request now that stabilization in 384095 has completed. Thanks, folks. CVE-2011-3974 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3974): Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362. CVE-2011-3973 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3973): cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. CVE-2011-1931 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1931): sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. CVE-2010-4704 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4704): libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480. CVE-2010-3908 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3908): FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. nothing left to do for media-video@ This issue was resolved and addressed in GLSA 201310-12 at http://security.gentoo.org/glsa/glsa-201310-12.xml by GLSA coordinator Sean Amoss (ackle). |