Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=cc5781dd22c3e1b65e53dfc7dd04eb9705d2a557
commit cc5781dd22c3e1b65e53dfc7dd04eb9705d2a557 Author: Miklos Vajna <[email protected]> Date: Mon Mar 9 23:34:06 2009 +0100 FSA578-ffmpeg diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 0d9c3a2..2331969 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,19 @@ <fsas> <fsa> + <id>578</id> + <date>2009-03-09</date> + <author>Miklos Vajna</author> + <package>ffmpeg</package> + <vulnerable>ffmpeg-20080427-7</vulnerable> + <unaffected>ffmpeg-20080427-8solaria1</unaffected> + <bts>http://bugs.frugalware.org/task/3599</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385</cve> + <desc>Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. + The vulnerability is caused due to a signedness error within the "fourxm_read_header()" function in libavformat/4xm.c. This can be exploited to corrupt arbitrary memory via a specially crafted 4xm file. + Successful exploitation may allow execution of arbitrary code.</desc> + </fsa> + <fsa> <id>577</id> <date>2009-03-08</date> <author>Miklos Vajna</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
