Bug#646937: [Secure-testing-team] Bug#646937: CVE-2011-3625: Buffer overflow in SAMI parsing
Mehdi Dogguy
mehdi at dogguy.org
Fri Oct 28 19:30:50 UTC 2011
On 10/28/2011 07:57 PM, Michael Gilbert wrote:
> On Fri, Oct 28, 2011 at 9:20 AM, Mehdi Dogguy wrote:
>> Package: mplayer2
>> Version: 2.0-134-g84d8671-8
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> Please see:
>> http://www.openwall.com/lists/oss-security/2011/10/14/1
>> http://labs.mwrinfosecurity.com/files/Advisories/mwri_mplayer-sami-subtitles_2011-08-12.pdf
>>
>> Fix:
>> http://git.mplayer2.org/mplayer2/commit/?id=27b88a09c5319deb62221b8cd0ecc14cd1136e4a
>
> How is this different from #645987?
>
#645987 was reported against mplayer (not mplayer2). I could have cloned
the bugreport bug didn't think about that when closing it ; and
re-assigning isn't appropriate since the issue is valid for both packages.
I cc'ed the security team so that you can update security-tracker's data.
Regards,
--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/
More information about the pkg-multimedia-maintainers
mailing list