| |||||||||||||||||||
Mageia alert MGASA-2012-0331 (ffmpeg)
MGASA-2012-0331 Date: November 17th, 2012 Affected releases: 2 Description: Updated ffmpeg packages fix security vulnerabilities: vc1dec: check that coded slice positions and interlacing match. This fixes out of array writes (CVE-2012-2796) alsdec: fix number of decoded samples in first sub-block in BGMC mode (CVE-2012-2790) cavsdec: check for changing w/h. Our decoder does not support changing w/h (CVE-2012-2777, CVE-2012-2784) indeo4: update AVCodecContext width/height on size change (CVE-2012-2787) avidec: use actually read size instead of requested size (CVE-2012-2788) wmaprodec: check num_vec_coeffs for validity (CVE-2012-2789) lagarith: check count before writing zeros (CVE-2012-2793) indeo3: fix out of cell write (CVE-2012-2776) indeo5: check tile size in decode_mb_info(). This prevents writing into a too small array if some parameters changed without the tile being reallocated (CVE-2012-2794) indeo5dec: Make sure we have had a valid gop header. This prevents decoding happening on a half initialized context (CVE-2012-2779) indeo4/5: check empty tile size in decode_mb_info(). This prevents writing into a too small array if some parameters changed without the tile being reallocated (CVE-2012-2800) dfa: improve boundary checks in decode_dds1() (CVE-2012-2798) dfa: check that the caller set width/height properly (CVE-2012-2786) avsdec: Set dimensions instead of relying on the demuxer. The decode function assumes that the video will have those dimensions (CVE-2012-2801) ac3dec: ensure get_buffer() gets a buffer for the correct number of channels (CVE-2012-2802) rv34: error out on size changes with frame threading (CVE-2012-2772) alsdec: check opt_order. Fixes out of array write in quant_cof. Also make sure no invalid opt_order stays in the context (CVE-2012-2775) This updates ffmpeg to version 0.10.6 which contains the security fixes above as well as other bug fixes. Updated Packages: ffmpeg-0.10.6-1.mga2 lib(64)avcodec53-0.10.6-1.mga2 lib(64)avfilter2-0.10.6-1.mga2 lib(64)avformat53-0.10.6-1.mga2 lib(64)avutil51-0.10.6-1.mga2 lib(64)ffmpeg-devel-0.10.6-1.mga2 lib(64)ffmpeg-static-devel-0.10.6-1.mga2 lib(64)postproc52-0.10.6-1.mga2 lib(64)swresample0-0.10.6-1.mga2 lib(64)swscaler2-0.10.6-1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2794 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2796 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2802 http://git.videolan.org/?p=ffmpeg.git;a=log;h=refs/heads/... https://bugs.mageia.org/show_bug.cgi?id=8065 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||