CVE-2013-4265 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4265): The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference. CVE-2013-4264 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4264): The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service (out-of-bounds heap write) via a G2M4 encoded file. CVE-2013-4263 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4263): libavfilter in FFmpeg before 2.0.1 allows has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write. CVE-2013-0878 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0878): The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access. CVE-2013-0877 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0877): The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access. CVE-2013-0876 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0876): Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access. CVE-2013-0875 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0875): The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. CVE-2013-0874 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0874): The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via a crafted TIFF image, related to an out-of-bounds array access. CVE-2013-0873 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0873): The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses." CVE-2013-0872 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0872): The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access. CVE-2013-0868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0868): libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) "len==0 cases." CVE-2013-0867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0867): The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafted H.264 video data, related to an out-of-bounds array access. CVE-2013-0866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0866): The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. CVE-2013-0865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0865): The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. CVE-2013-0864 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0864): The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect calculation for an "end pointer," which allows remote attackers to have an unspecified impact via crafted GIF data that triggers an out-of-bounds array access. CVE-2013-0863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0863): Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video data. CVE-2013-0862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0862): Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array access. CVE-2013-0861 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0861): The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout. CVE-2013-0860 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0860): The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. Filing a lump bug because there is no obvious correlation between these and the existing "fixed in Git" bugs. Looks like DoS/user-assisted AcE, A2.
not sure if it's fixed in current stable, but 2.2.12+ is certainly enough
Since 1.1.X and 1.2.X is no longer maintained and 2.2.14 is being stabilized, but higher version without bugs is 2.2.15. Once stabilized we can clean up 1.1.x and 1.2.x Setting dependency on: 548006
This issue was resolved and addressed in GLSA 201603-06 at https://security.gentoo.org/glsa/201603-06 by GLSA coordinator Kristian Fiskerstrand (K_F).