MDKSA-2006:174
- Package name
- gstreamer-ffmpeg
- Date
- 2006-09-28
- Advisory ID
- MDKSA-2006:174
- Affected versions
- 2006.0 i586 , 2006.0 x86_64 , 2007.0 x86_64 , 2007.0 i586
Problem description
Gstreamer-ffmpeg uses an embedded copy of ffmpeg and as such has been
updated to address the following issue: Multiple buffer overflows in
libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to
cause a denial of service or possibly execute arbitrary code via
multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c,
(4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9)
cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c.
NOTE: it is likely that this is a different vulnerability than
CVE-2005-4048 and CVE-2006-2802.
Updated packages have been patched to correct this issue.
Updated packages
2006.0 i586
c49b397719d1143231cb030f9e9cd003 2006.0/i586/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.i586.rpm a0afe9ef876a409ca594b4fdb75921ad 2006.0/SRPMS/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.src.rpm
2006.0 x86_64
03003e5d2ee3f613a7ccd9552fdc7124 2006.0/x86_64/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.x86_64.rpm a0afe9ef876a409ca594b4fdb75921ad 2006.0/SRPMS/gstreamer-ffmpeg-0.8.6-1.2.20060mdk.src.rpm
2007.0 x86_64
90b711e579e72a96441b16b5e38bb5ff 2007.0/x86_64/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.x86_64.rpm d30f67740f6f6b9769609e613fd44b59 2007.0/SRPMS/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.src.rpm
2007.0 i586
884a134c1ded68502a461754b51dce85 2007.0/i586/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.i586.rpm d30f67740f6f6b9769609e613fd44b59 2007.0/SRPMS/gstreamer-ffmpeg-0.8.7-3.1mdv2007.0.src.rpm