oss-sec mailing list archives
Security issue in libav/ffmpeg
From: Jamie Strandboge <jamie () canonical com>
Date: Thu, 03 May 2012 12:53:23 -0500
A heap corruption security bug[1] was reported by Fabian Yamaguchi against libav in Ubuntu. This issue also affected ffmpeg. This issue is now public and has been assigned CVE-2012-0947. Attached is a patch from upstream libav to fix the issue (thanks to Måns Rullgård). While the issue also affected ffmpeg, upstream ffmpeg fixed this some time ago in 3583c8706df0abbfa3ecdd6730f4f3d72a01fe6d. [1] https://launchpad.net/bugs/980963 -- Jamie Strandboge | http://www.canonical.com
Attachment:
0001-vqavideo-return-error-if-image-size-is-not-a-multipl.patch
Description:
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Security issue in libav/ffmpeg Jamie Strandboge (May 03)