Summary: | media-plugins/gst-plugins-ffmpeg type conversion vulnerability in libavformat/4xm.c (CVE-2009-0385) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | gnome, gstreamer |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.trapkit.de/advisories/TKADV2009-004.txt | ||
Whiteboard: | B2 [ebuild] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 257217 | ||
Bug Blocks: |
Description
Robert Buchholz (RETIRED)
2009-02-02 13:01:01 UTC
git master gst-ffmpeg is already depending on a much more recent ffmpeg revision. gst-ffmpeg-0.10.7 (which is going to be released within the next 2-3 weeks) will have the fix. Gstreamer/Gnome, we'd like a shorter timeframe for fixing this issue within the gstreamer package. Would it be possible to bump the ffmpeg branch or apply the patch onto an existing release? the gst-ffmpeg in the tree uses the media-libs/ffmpeg package, not the internal copy... so this bug is INVALID. |