package: ffmpeg
version: 0.svn20080206-18
severity: serious
tags: security

hi, i have just tested the latest ffmpeg update against the original
proof of concepts [0] reported in bug #550442 [1].  many of them are
still effective.  there is some good news though; i've found that
upstream has addressed all of the problems in their latest svn version.
attached are my findings.

reference [2] may be useful to track down the other needed patches; or
it may be easier to just upgrade to a new svn (however, the patches
still need to be determined for stable).

mike

[0] http://roundup.ffmpeg.org/roundup/ffmpeg/issue1240
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550442
[2] http://thread.gmane.org/gmane.comp.video.ffmpeg.devel/97154

Attachment: ffmpeg
Description: Binary data

_______________________________________________
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers

Reply via email to