Debian 5.0: DSA-2000-1 Critical: ffmpeg Denial Of Service
debian
February 18, 2010
Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlay...
Topics Covered
Summary
Several vulnerabilities have been discovered in ffmpeg, a multimedia
player, server and encoder, which also provides a range of multimedia
libraries used in applications like MPlayer:
Various programming errors in container and codec implementations
may lead to denial of service or the execution of arbitrary code
if the user is tricked into opening a malformed media file or stream.
Affected and updated have been the implementations of the following
codecs and container formats:
- - the Vorbis audio codec
- - the Ogg container implementation
- - the FF Video 1 codec
- - the MPEG audio codec
- - the H264 video codec
- - the MOV container implementation
- - the Oggedc container implementation
For the stable distribution (lenny), these problems have been fixed in
version 0.svn20080206-18+lenny1.
For the unstable distribution (sid), these problems have been fixed in
version 4:0.5+svn20090706-5.
We recommend that you upgrade your ffmpeg packages.
Upgrade instructions
- --------------------
wget url
wil...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: ffmpeg-debian
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!