Mandriva Linux Security Advisory 2011-062 - FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. Various other issues were also addressed.
beca983955043a364ac94ab3f8c73c9617152509a3efbeb808b628ca857b4efe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:062
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ffmpeg
Date : April 1, 2011
Affected: 2010.1
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been identified and fixed in ffmpeg:
FFmpeg 0.5 allows remote attackers to cause a denial of service (hang)
via a crafted file that triggers an infinite loop. (CVE-2009-4636)
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer
and other products, allows remote attackers to execute arbitrary code
via a crafted flic file, related to an arbitrary offset dereference
vulnerability. (CVE-2010-3429)
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1
and earlier allows remote attackers to cause a denial of service
(application crash) via a crafted .ogg file, related to the
vorbis_floor0_decode function. (CVE-2010-4704)
Fix heap corruption crashes (CVE-2011-0722)
Fix invalid reads in VC-1 decoding (CVE-2011-0723)
And several additional vulnerabilites originally discovered by Google
Chrome developers were also fixed with this advisory.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0723
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
b4db9e819fe581e61ad59225fe630a25 2010.1/i586/ffmpeg-0.6-0.22960.5.1mdv2010.2.i586.rpm
b2ba7998b8549d1a0434d51ff76ddfed 2010.1/i586/libavformats52-0.6-0.22960.5.1mdv2010.2.i586.rpm
ce8964529073304413e3591f8d0de20b 2010.1/i586/libavutil50-0.6-0.22960.5.1mdv2010.2.i586.rpm
da9b5200a498933bd3a1e5e000937a90 2010.1/i586/libffmpeg52-0.6-0.22960.5.1mdv2010.2.i586.rpm
64a5a0c59fba081b54f7538fd658f66f 2010.1/i586/libffmpeg-devel-0.6-0.22960.5.1mdv2010.2.i586.rpm
e6fa096ebf765e1258a13bd578a8de68 2010.1/i586/libffmpeg-static-devel-0.6-0.22960.5.1mdv2010.2.i586.rpm
4cc7830f9684161826518db3077ca207 2010.1/i586/libpostproc51-0.6-0.22960.5.1mdv2010.2.i586.rpm
be1e63a9da0a1b48308390ce48dc30cb 2010.1/i586/libswscaler0-0.6-0.22960.5.1mdv2010.2.i586.rpm
87155585e9ad3413d3210489a539a62f 2010.1/SRPMS/ffmpeg-0.6-0.22960.5.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
f26e9389ab90769c9d41379063b44052 2010.1/x86_64/ffmpeg-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
c1f7175cad48f46cfdd2b0d57c5f1d82 2010.1/x86_64/lib64avformats52-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
da8802f10ae716e344a85d27061716e2 2010.1/x86_64/lib64avutil50-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
abe637a5f54bf30b8738bc77d3a505cd 2010.1/x86_64/lib64ffmpeg52-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
528f1d86498f7c6d975aaa58c30715d6 2010.1/x86_64/lib64ffmpeg-devel-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
c77efb105b06ee700d1094e0f468bc6d 2010.1/x86_64/lib64ffmpeg-static-devel-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
2b46dcebe1a563aed2e9949f5869be8b 2010.1/x86_64/lib64postproc51-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
e1f77931ce1aa23bbc8f1b8f607548ff 2010.1/x86_64/lib64swscaler0-0.6-0.22960.5.1mdv2010.2.x86_64.rpm
87155585e9ad3413d3210489a539a62f 2010.1/SRPMS/ffmpeg-0.6-0.22960.5.1mdv2010.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNlhb3mqjQ0CJFipgRAn9IAJ9Yxk/y7oQNkzbAf0CXuET3XPRYYwCdF7V6
mAdlwouwYl64jARlHgI/M2w=
=AyKF
-----END PGP SIGNATURE-----