Summary: | <media-video/ffmpeg-2.0.1: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/55946/ | ||
Whiteboard: | B2 [glsa+] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-12-06 15:33:25 UTC
(In reply to Agostino Sarubbo from comment #0) > 1) An error within the "kempf_decode_tile()" function (libavcodec/g2meet.c) > can be exploited to trigger an > out-of-bounds read memory access. not in 1.0.* nor 1.2.* backported to 2.1 branch recently so will be in next 2.1 release -> not for us > 2) An error within the "format_line()" function (libavutil/log.c) can be > exploited to trigger an > out-of-bounds read memory access. seems to have been introduced by http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=148310ca1659e3be95a2e87a8e30d1894a32d6d6 not in 1.0.* nor 1.2.* backported to 2.1 branch recently so will be in next 2.1 release -> not for us > 3) Some errors within the "split_field_copy()" and > "ff_h264_fill_default_ref_list()" functions > (libavcodec/h264_refs.c) can be exploited to cause buffer overflows. seems valid; fixed only in master atm, need to check why (In reply to Alexis Ballier from comment #1) please fix your summary btw, first 2 bugs are not present in <ffmpeg-2 and 3rd one isnt fixed in 2.0.1 it seems Since it looks like this bug was not fully addressed setting the dependency for 548006, stabilization of 2.2.15 This issue was resolved and addressed in GLSA 201603-06 at https://security.gentoo.org/glsa/201603-06 by GLSA coordinator Kristian Fiskerstrand (K_F). |