oss-sec mailing list archives
Re: [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder
From: Salvatore Bonaccorso <carnil () debian org>
Date: Mon, 6 Nov 2017 21:18:51 +0100
Hi On Fri, Oct 20, 2017 at 02:52:21PM +0200, Ludovic Courtès wrote:
Hi, 连一汉 <lianyihan () 360 cn> skribis:FFmpeg trigger double-free when it parsing an craft AVI file to MKV file using ffvhuff decoder.[...]This was fixed with the following commit: https://www.ffmpeg.org/download.html#releasesLooks like this is not the URL you intended to share, is it?
The fix for this issue appears to be: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/df62b70de8aaa285168e72fe8f6e740843ca91fa Regards, Salvatore
Current thread:
- [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder 连一汉 (Oct 20)
- Re: [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder Ludovic Courtès (Oct 20)
- Re: [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder Salvatore Bonaccorso (Nov 06)
- Re: [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder Ludovic Courtès (Oct 20)