oss-sec mailing list archives
CVE request rtmpdump: the 6 vulnerabilities have been fixed
From: limingxing <limingxing () 360 cn>
Date: Wed, 30 Dec 2015 02:28:26 +0000
Hello, CVE request rtmpdump: the 6 vulnerabilities have been fixed by Howard Chu a few days ago! These vulnerabilities affect latest version of ubuntu kylin by the smplayer! Thank you ! The git(git://git.ffmpeg.org/rtmpdump)log is: commit fa8646daeb19dfd12c181f7d19de708d623704c0 Author: Howard Chu <hyc () highlandsun com> Date: Wed Dec 23 18:58:50 2015 +0000 Fix issue 6-7/7 from LMX of Qihoo 360 Codesafe Team Additional decode input size checks commit 07c10ae612bf5c2dbea594dcbd4da85c54dba1e4 Author: Howard Chu <hyc () highlandsun com> Date: Wed Dec 23 18:28:13 2015 +0000 Fix issue 5/7 from LMX of Qihoo 360 Codesafe Team Ignore zero-length packets commit 7c68ad18f4296911114470bb4caaa673d55c8447 Author: Howard Chu <hyc () highlandsun com> Date: Wed Dec 23 18:10:15 2015 +0000 Fix issue 4/7 from LMX of Qihoo 360 Codesafe Team Potential integer overflow in RTMPPacket_Alloc(). commit f3042b5bb7dcb42eda32ad9dd88029b24a2c282b Author: Howard Chu <hyc () highlandsun com> Date: Wed Dec 23 17:53:34 2015 +0000 Fix issue 2/7 from LMX of Qihoo 360 Codesafe Team Obsolete RTMPPacket_Free() call left over from original C++ to C rewrite commit 71fe4f2435beaccca046dad3905840615b76b085 Author: Howard Chu <hyc () highlandsun com> Date: Wed Dec 23 17:51:39 2015 +0000 Fix issue 1/7 from LMX of Qihoo 360 Codesafe Team AMFProp_GetObject must make sure the prop is actually an object
Current thread:
- CVE request rtmpdump: the 6 vulnerabilities have been fixed limingxing (Dec 29)