oss-sec mailing list archives
CVE Request: FFmpeg 2.0.1 multiple problems
From: Michael Niedermayer <michaelni () gmx at>
Date: Wed, 21 Aug 2013 02:25:48 +0200
Hi Id like to request CVE(s) for FFmpeg 2.0.1, for the changes below: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc Out of array (on heap) write Found-by: wm4 https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1 https://trac.ffmpeg.org/ticket/2842 testcase and valgrind output on bugtracker above Out of array (on heap) write Found-by: Piotr Bandurski <ami_stuff () o2 pl> https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55 Found-by: Laurent Butti <laurentb () gmail com> Wrong return code that could lead to NULL+offset to be written to after memory allocation failure Thanks -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB There will always be a question for which you do not know the correct answer.
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE Request: FFmpeg 2.0.1 multiple problems Michael Niedermayer (Aug 20)
- Re: CVE Request: FFmpeg 2.0.1 multiple problems Kurt Seifried (Aug 21)