Updated ffmpeg packages fix security vulnerabilities
Publication date: 04 Jul 2014Modification date: 04 Jul 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-2097 , CVE-2014-2098 , CVE-2014-2099 , CVE-2014-2263 , CVE-2014-4610
Description
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.0.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data (CVE-2014-2097). libavcodec/wmalosslessdec.c in FFmpeg before 2.0.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data (CVE-2014-2098). The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.0.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data (CVE-2014-2099). The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg before 2.0.4 allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write (CVE-2014-2263). An integer overflow in LZO decompression in FFmpeg before 2.0.5 allows remote attackers to have an unspecified impact by embedding compressed data in a video file (CVE-2014-4610). This updates provides ffmpeg version 2.0.5, which fixes these issues and several other bugs which were corrected upstream.
References
- https://bugs.mageia.org/show_bug.cgi?id=13594
- http://git.videolan.org/?p=ffmpeg.git;a=log;h=n2.0.5
- http://ffmpeg.org/olddownload.html
- http://ffmpeg.org/security.html
- http://openwall.com/lists/oss-security/2014/06/26/23
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610
SRPMS
4/tainted
- ffmpeg-2.0.5-1.mga4.tainted
4/core
- ffmpeg-2.0.5-1.mga4