147335 – media-tv/xdtv includes vulnerable ffmpeg? (CVE-2005-4048)

Bug 147335 - media-tv/xdtv includes vulnerable ffmpeg? (CVE-2005-4048)

Summary: media-tv/xdtv includes vulnerable ffmpeg? (CVE-2005-4048)

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B2? [?] jaervosz
Keywords:

Depends on:
Blocks:

Reported:	2006-09-12 08:39 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2006-09-14 15:54 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-12 08:39:06 UTC

See bug #133520 for further details.

Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev

2006-09-12 08:48:05 UTC

I'd say mask it, and leave it masked until upstream decides to release a version that can use external FFmpeg, if it's vulnerable.

But for what I heard from them, it shouldn't be vulnerable to any FFmpeg vulnerability, at least the latest ~arch version, it might require to be stabled by x86.

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-12 10:35:33 UTC

Diego/media-tv do you want to mask it or stable it?

Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev

2006-09-14 10:20:42 UTC

The stable version is not affected, I've masked 2.3.3 for safety, and will remain masked till upstream decides on that matter.

Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-14 15:54:13 UTC

Thx Diego. Closing this one as INVALID.