package: ffmpeg
version: 0.svn20080206-18
severity: serious
tags: security

hi, i have just tested the latest ffmpeg update against the original
proof of concepts [0] reported in bug #550442 [1].  many of them are
still effective.  there is some good news though; i've found that
upstream has addressed all of the problems in their latest svn version.
attached are my findings.

reference [2] may be useful to track down the other needed patches; or
it may be easier to just upgrade to a new svn (however, the patches
still need to be determined for stable).



Attachment: ffmpeg
Description: Binary data

pkg-multimedia-maintainers mailing list

Reply via email to