Login
Newsletter
Werbung

Sicherheit: Denial of Service in ffmpeg
Aktuelle Meldungen Distributionen
Name: Denial of Service in ffmpeg
ID: MDVSA-2009:335
Distribution: Mandriva
Plattformen: Mandriva 2008.0, Mandriva 2009.0, Mandriva Enterprise Server 5.0
Datum: Do, 17. Dezember 2009, 20:09
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4610
Applikationen: FFmpeg

Originalnachricht

This is a multi-part message in MIME format...

------------=_1261076973-24326-2169


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:335
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ffmpeg
Date : December 17, 2009
Affected: 2008.0, 2009.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in ffmpeg:

MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated
by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as
demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718
(CVE-2008-4610).

Packages for 2008.0 are being provided due to extended support for
Corporate products.

This update provides a solution to this vulnerability.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4610
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
beeabb1996d9bf736309cc48dacf59a1
2008.0/i586/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
6cc819d7659aa3c3110a09764341f17a
2008.0/i586/libavformats51-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
a64149c0223fce925bcc9a44261379a8
2008.0/i586/libavutil49-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
e32ff29ad5bb4988009ba73d587f22d1
2008.0/i586/libffmpeg51-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
432a60bd0ffbe8faad641154f161b12c
2008.0/i586/libffmpeg51-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
bef39a87bdfe586aa27a8124a5f42b46
2008.0/i586/libffmpeg51-static-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
f3dcc5d0422d10a807f19beec6460401
2008.0/SRPMS/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
0adb11ce92b7023d84e17c47b416a02e
2008.0/x86_64/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
f99f57c6bd2c1c905723de5d23cbc78d
2008.0/x86_64/lib64avformats51-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
1848eaa502b484235fc49d9dee5f46ee
2008.0/x86_64/lib64avutil49-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
3bbabab6bb9461f1ac9f0991b7669dc8
2008.0/x86_64/lib64ffmpeg51-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
391c848cb410158b73199e7f2e02733a
2008.0/x86_64/lib64ffmpeg51-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
b2bc211725adcebe19a1ed90c87248e1
2008.0/x86_64/lib64ffmpeg51-static-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
f3dcc5d0422d10a807f19beec6460401
2008.0/SRPMS/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.src.rpm

Mandriva Linux 2009.0:
9e6955be6fc29847200a396543e91f91
2009.0/i586/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
e793f88f8612e83b87c75d28aa7b3ee3
2009.0/i586/libavformats52-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
510e5d64d1f3ce851aa58295048b6ce4
2009.0/i586/libavutil49-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
81d1d46a7b798bb137a3ce65433c5450
2009.0/i586/libffmpeg51-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
abf4b34aa90f1cfd613cf5e5bba6d01d
2009.0/i586/libffmpeg-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
62841712208ab5dc5131383715e46e45
2009.0/i586/libffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
b523f312fcbe542a68af8415535813bb
2009.0/i586/libswscaler0-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
95a8fe70eb607239e0fefe877345b8e3
2009.0/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
b25852f91e95c0dd6cac413421f09817
2009.0/x86_64/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
d5d5e19e0a589924a37cd82addc3d135
2009.0/x86_64/lib64avformats52-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
e8b76380ce69b61d745aa3365b89a0d1
2009.0/x86_64/lib64avutil49-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
b52751767266afc6e30697905cc0a22d
2009.0/x86_64/lib64ffmpeg51-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
d4a24cd43474784d990e2d18b1fbeb88
2009.0/x86_64/lib64ffmpeg-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
5c618faeabddbf34969458b9bf3be9ed
2009.0/x86_64/lib64ffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
e584888b791440e6427c25dddad185f5
2009.0/x86_64/lib64swscaler0-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
95a8fe70eb607239e0fefe877345b8e3
2009.0/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.src.rpm

Mandriva Enterprise Server 5:
a9bad1d3f80f6abc794e12b7a616118b
mes5/i586/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
2e1de6fd3253390d5a97f44ce410ef7a
mes5/i586/libavformats52-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
d59edc9e6f14340853b421805846238b
mes5/i586/libavutil49-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
22c19b94d9e6e887e080a16a724083b9
mes5/i586/libffmpeg51-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
a1771b311f17e89ee35aca056e3a2fe3
mes5/i586/libffmpeg-devel-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
ef57ad2c274230c8924cf7f85901d956
mes5/i586/libffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
c9391186267f11449a359a9a3f46c10f
mes5/i586/libswscaler0-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
24d45cd3251b8876c41d60e164f61db2
mes5/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.src.rpm

Mandriva Enterprise Server 5/X86_64:
d89476745c6defb6299cc521dcb9d811
mes5/x86_64/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
1ec046f0bc0d805cbddc0a09eb731813
mes5/x86_64/lib64avformats52-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
21f1a295e0d12ed3bf8e91e18e557d4a
mes5/x86_64/lib64avutil49-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
2ac6b11c3cdffbfb7ce66ec7ed92794b
mes5/x86_64/lib64ffmpeg51-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
0958f365fc0377700789901f3cfc70b4
mes5/x86_64/lib64ffmpeg-devel-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
2283f579aef13eb81f97f37b694f6393
mes5/x86_64/lib64ffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
d1d3b94079ddff1e40e19b351714c1fd
mes5/x86_64/lib64swscaler0-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
24d45cd3251b8876c41d60e164f61db2
mes5/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLKlMxmqjQ0CJFipgRAnrBAKCLwSWexDuGzACY5dZuH42BvRzYqgCeIpiR
ToKThFbj+KOsukdA6OcMMGA=
=yb49
-----END PGP SIGNATURE-----


------------=_1261076973-24326-2169
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1261076973-24326-2169--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung