Paketname
gstreamer-ffmpeg
Datum
2006-09-28
Advisory ID
MDKSA-2006:174
Betroffene Versionen
2006.0 i586 , 2006.0 x86_64 , 2007.0 x86_64 , 2007.0 i586

Problembeschreibung

Gstreamer-ffmpeg uses an embedded copy of ffmpeg and as such has been
updated to address the following issue: Multiple buffer overflows in
libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to
cause a denial of service or possibly execute arbitrary code via
multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c,
(4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9)
cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c.
NOTE: it is likely that this is a different vulnerability than
CVE-2005-4048 and CVE-2006-2802.

Updated packages have been patched to correct this issue.

Aktualisierte Pakete

2006.0 i586

 c49b397719d1143231cb030f9e9cd003  2006.0/i586/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.i586.rpm 
 a0afe9ef876a409ca594b4fdb75921ad  2006.0/SRPMS/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.src.rpm

2006.0 x86_64

 03003e5d2ee3f613a7ccd9552fdc7124  2006.0/x86_64/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.x86_64.rpm 
 a0afe9ef876a409ca594b4fdb75921ad  2006.0/SRPMS/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.src.rpm

2007.0 x86_64

 90b711e579e72a96441b16b5e38bb5ff  2007.0/x86_64/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.x86_64.rpm 
 d30f67740f6f6b9769609e613fd44b59  2007.0/SRPMS/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.src.rpm

2007.0 i586

 884a134c1ded68502a461754b51dce85  2007.0/i586/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.i586.rpm 
 d30f67740f6f6b9769609e613fd44b59  2007.0/SRPMS/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.src.rpm

Referenzen