http://www.ubuntu.com/usn/usn-630-1
** Changed in: ffmpeg (Ubuntu Feisty)
Status: Confirmed = Fix Released
** Changed in: ffmpeg (Ubuntu Dapper)
Status: Confirmed = Fix Released
** Changed in: ffmpeg (Ubuntu)
Status: Confirmed = Fix Released
--
CVE-2008-3162 Stack-based
** Attachment added: hardy_security_ffmpeg_0.cvs20070307-5ubuntu7.1.debdiff
http://launchpadlibrarian.net/16133320/hardy_security_ffmpeg_0.cvs20070307-5ubuntu7.1.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug notification
** Attachment added: gutsy_security_ffmpeg_0.cvs20070307-5ubuntu4.1.debdiff
http://launchpadlibrarian.net/16133546/gutsy_security_ffmpeg_0.cvs20070307-5ubuntu4.1.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug notification
** Attachment added: feisty_security_ffmpeg_0.cvs20060823-3.1ubuntu4.1.debdiff
http://launchpadlibrarian.net/16142922/feisty_security_ffmpeg_0.cvs20060823-3.1ubuntu4.1.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug
Dapper fixed inline (adopted first security patch method.)
** Attachment added: dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
http://launchpadlibrarian.net/16143288/dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
** Bug watch added: Debian Bug tracker #489965
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965
** Also affects: ffmpeg-debian (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965
Importance: Unknown
Status: Unknown
--
CVE-2008-3162 Stack-based buffer
** Changed in: ffmpeg-debian (Debian)
Status: Unknown = Fix Released
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
UPSTREAM FIX:
http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/psxstr.c?view=patchr1=13993r2=13992pathrev=13993
UPSTREAM BUG:
https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311
CVE:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
--
CVE-2008-3162 Stack-based buffer overflow
** Changed in: ffmpeg (Ubuntu Dapper)
Importance: Undecided = Medium
Assignee: (unassigned) = Emanuele Gentili (emgent)
Status: New = Confirmed
** Attachment added: intrepid_ffmpeg-free_0.svn20080206-8ubuntu2.debdiff
** Attachment removed: intrepid_ffmpeg-
free_0.svn20080206-8ubuntu2.debdiff
http://launchpadlibrarian.net/16033798/intrepid_ffmpeg-
free_0.svn20080206-8ubuntu2.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug notification
POC:
Run 'ffmpeg -y -i logo.iki -vn -f wav /dev/null' (with the attached
file)
On the latest ubuntu/i386:
- SVN r13990 will crash immediately. Under valgrind 3.3.0 it will report
several invalid writes and then valgrind itself will crash.
- SVN r13993 and up shouldn't crash or have any valgrind
intrepid use ffmpeg-debian (main)
hardy and gutsy use ffmpeg (main)
dapper and feisty use ffmpeg (universe)
** Attachment removed: dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
http://launchpadlibrarian.net/16041606/dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
** Changed
** Attachment added: dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
http://launchpadlibrarian.net/16041606/dapper_security_ffmpeg_0.cvs20050918-5ubuntu1.2.debdiff
--
CVE-2008-3162 Stack-based buffer overflow
https://bugs.launchpad.net/bugs/248674
You received this bug notification
13 matches
Mail list logo
