From ${URL} : Description Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. 1) An error within the "pcx_decode_frame()" function (libavcodec/pcx.c) can be exploited to cause a crash. 2) An error within the "xan_decode_init()" function (libavcodec/xxan.c) can be exploited to cause an out of bounds write memory access. 3) An error within the "pcx_decode_frame()" function (libavcodec/pcx.c) can be exploited to trigger an infinite loop. 4) An error within the "png_decode_idat()" function (libavcodec/pngdec.c) can be exploited to trigger an infinite loop. 5) An error within the "bfi_read_packet()" function (libavformat/bfi.c) can be exploited to trigger a division-by-zero exception. 6) An error within the "ff_get_wav_header()" function (libavformat/riffdec.c) can be exploited to trigger a division-by-zero exception. 7) An error within the "read_header()" function (libavformat/mvi.c) can be exploited to trigger a division-by-zero exception. 8) A boundary error within the "decode_element()" function (libavcodec/alac.c) can be exploited to cause an out of bounds write memory access. 9) An error within the "xwma_read_header()" function (libavformat/xwma.c) can be exploited to trigger a division-by-zero exception. 10) An error within the "read_gab2_sub()" function (libavformat/avidec.c) can be exploited to cause an out of bounds read memory access. 11) An error within the "vqf_read_header()" function (libavformat/vqf.c) can be exploited to cause a crash. Successful exploitation of the vulnerabilities #2 and #8 may allow execution of arbitrary code. Solution: Fixed in the git repository. Provided and/or discovered by: The vendor credits Mateusz "j00ru" Jurczyk and Gynvael Coldwind. Original Advisory: http://git.libav.org/?p=libav.git;a=commit;h=d1d99e3befea5d411ac3aae72dbdecce94f8b547 http://git.libav.org/?p=libav.git;a=commit;h=aa0dd52434768da64f1f3d8ae92bcf980c1adffc http://git.libav.org/?p=libav.git;a=commit;h=9fb0de86b49e9fb0709a8ad1e1875e35da841887 http://git.libav.org/?p=libav.git;a=commit;h=a81cad8f86d1feb7e4bfae29e43f3e994935a5c7 http://git.libav.org/?p=libav.git;a=commit;h=9fc7184d1a9af8d97b3fc5c2ef9d0a647d6617ea http://git.libav.org/?p=libav.git;a=commit;h=d07aa3f02b73ab1371c13ac7898338380ca0932b http://git.libav.org/?p=libav.git;a=commit;h=28ff439efd2362fb21e1a78610737f2e26a72d8f http://git.libav.org/?p=libav.git;a=commit;h=59480abce7e4238e22b3a4a904a9fe6abf4e4188 http://git.libav.org/?p=libav.git;a=commit;h=adc09136a4a63b152630abeacb22c56541eacf60 http://git.libav.org/?p=libav.git;a=commit;h=8d07258bb6063d0780ce2d39443d6dc6d8eedc5a http://git.libav.org/?p=libav.git;a=commit;h=9277050e2918e0a0df9689721a188a604d886616 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
sounds like libav stuff, ffmpeg 1.2.6 seems unaffected
Adding depends for the GLSA write up, will create one monster GLSA for all ffmpeg when Bug 548006 is stabilized.
This issue was resolved and addressed in GLSA 201603-06 at https://security.gentoo.org/glsa/201603-06 by GLSA coordinator Kristian Fiskerstrand (K_F).