oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: FFmpeg 2.0.1 multiple problems

From: Michael Niedermayer <michaelni () gmx at>
Date: Wed, 21 Aug 2013 02:25:48 +0200
Hi

Id like to request CVE(s) for FFmpeg 2.0.1, for the changes below:


https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
Out of array (on heap) write
Found-by: wm4


https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
https://trac.ffmpeg.org/ticket/2842
testcase and valgrind output on bugtracker above
Out of array (on heap) write
Found-by: Piotr Bandurski <ami_stuff () o2 pl>


https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55
Found-by: Laurent Butti <laurentb () gmail com>
Wrong return code that could lead to NULL+offset to be written to after memory
allocation failure

Thanks
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

There will always be a question for which you do not know the correct answer.

Attachment: signature.asc
Description: Digital signature

Previous By Date Next
Previous By Thread Next

Current thread: