drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in openh264
| Name: |
Pufferüberlauf in openh264 |
|
| ID: |
DSA-5870-1 |
|
| Distribution: |
Debian |
|
| Plattformen: |
Debian bookworm |
|
| Datum: |
Mi, 26. Februar 2025, 23:10 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2025-27091 |
|
| Applikationen: |
openh264 |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5870-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 26, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openh264
CVE ID : CVE-2025-27091
Debian Bug : 1098470
A heap-based buffer overflow flaw in the decoding functions of openh264,
a codec library which supports H.264 encoding and decoding, may allow a
remote attacker to cause a denial of service or the execution of
arbitrary code if a specially crafted video is processed.
For the stable distribution (bookworm), this problem has been fixed in
version 2.3.1+dfsg-3+deb12u1.
We recommend that you upgrade your openh264 packages.
For the detailed security status of openh264 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/openh264
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAme/jFlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SchQ/5AT44olo55wkG91dSp/uRQ6rhOSG3n/Rw7MnX5jjWj3l9whFiXlOK3GVl
O8pFfnONLecP/TQYEtcGCsDZphxKRjpH4ysCAs2VwVXgZJ9mXuO5uTyzd+tFqXtE
cnO6MBg1YoBqstsHy7XLTfjNRnCU5lXSYORmPw7i6XBTXnY4PSMmDlt95cjEW2hj
iYzp6LDleu5pdf9fOwxlmAp2CI+JzBxCvmRPMEle/ZrgMoDMKJMgp5yrAIGAIk1b
tEJlE+G5kqi1GSKb7tu1LAlomAt2n2pqpxBOAUR4HZvhlw1JsfUoyuvrVHso9qY6
6xTCsETUx3s2W9QWji7Q9Fnkoe2jAv3CkBckVPtQABhNPfuSTexBI+fgVOYfn+b2
/EMwhlhSwZww6jRLv8WPRs93Oqc55VgxwvI+5cr8spsOQ08nwI2GwC8cJT+5pHFc
AhsgcOv4iZHPVdOAcNm/+q4CBqijWxQKhP2bs5wZKb8uCSfXVzUZjDXLTVNRAkfo
ocVClcilTzVZAIP5ywLBLSfJB0eqifCGHfdtgEJ8pHBYLZMEVvB1JE72XtsSHxun
w3tMMULU48BKs9OWLFqZdSQtEmI/IlpXCuuyTqQ832G18YSZK47wFi+oxQtfaOa3
RBttv0934zo8zsaH2rE37m3aBATCwAQn7BXG2zO7P/DriuqOnAc=
=NtPt
-----END PGP SIGNATURE-----
|
|
|
|
