tags 610550 unreproducible stop Hi,
On Wed, Jan 19, 2011 at 20:48:35 (CET), Luciano Bello wrote: > Package: ffmpeg > Severity: important > Tags: security patch > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for ffmpeg. > > CVE-2011-0480[0]: > | Multiple buffer overflows in the Vorbis decoder in Google Chrome > | before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote > | attackers to cause a denial of service or possibly have unspecified > | other impact via unknown vectors. The report is against Chrome and Chrome OS. I've failed to reproduce the reported crashes with debian's version of ffmpeg; I get error messages about corrupted vorbis headers, but no crash. Can you please provide a testcase that applies to the debian copy of ffmpeg? -- Gruesse/greetings, Reinhard Tartler, KeyID 945348A4 _______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
