Summary: | <media-video/ffmpeg-3.3.5: read_header function in libavcodec/ffv1dec.c triggers an out-of-bounds read. | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | media-video |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=media-video/ffmpeg-3.3.5
|
Runtime testing required: | --- |
Bug Depends on: | 639698 | ||
Bug Blocks: |
Description
D'juan McDonald (domhnall)
2017-11-06 20:08:00 UTC
this is fixed in 3.3.5 that is good to go stable @arches, please stabilize. An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
x86 stable An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
ia64 stable An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
amd64 stable An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
> dependency.bad media-video/ffmpeg/ffmpeg-3.3.5.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['media-plugins/frei0r-plugins', '>=sci-libs/netcdf-4.3.2-r1[hdf5]', '>=sci-libs/hdf5-1.8.18[hl]']
arm stable An automated check of this bug succeeded - the previous repoman errors are now resolved. ppc64 stable cleanup will occur in bug #639698 GLSA Vote: No |