Bug#641478: libavcodec insufficient boundary check in CAVS decoding
Reinhard Tartler
siretart at tauware.de
Wed Sep 14 04:29:04 UTC 2011
On Di, Sep 13, 2011 at 09:43:11 (PDT), Moritz Muehlenhoff wrote:
> Package: libav
> Severity: important
>
> The following was reported by oCERT:
> http://www.ocert.org/advisories/ocert-2011-002.html
>
> A CVE ID is not yet available, I will be requesting one. This is unfixed
> in libav from sid. The ffmpeg fix can be found here:
> http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c5cbda50793e311aa73489d12184ffd6761c9fbf
Libav upstream believes that patch doesn't fix anything, but provides
the following one instead:
http://git.libav.org/?p=libav.git;a=commitdiff;h=bd968d260aef322fb32e254a3de0d2036c57bd56
(btw, it seems ffmpeg has in the meantime merged this one as well)
Cheers,
Reinhard
--
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
More information about the pkg-multimedia-maintainers
mailing list