CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2009/01/29 04:30:27
Modified files:
graphics/ffmpeg: Makefile
Added files:
graphics/ffmpeg/patches: patch-libavformat_4xm_c
Log message:
SECURITY; fix http://www.trapkit.de/advisories/TKADV2009-004.txt
>From Brad.
FFmpeg contains a type conversion vulnerability while parsing malformed 4X
movie files. The vulnerability may be exploited by a (remote) attacker to
execute arbitrary code in the context of FFmpeg or an application using
the FFmpeg library.
