Updated ffmpeg packages fix security vulnerabilities
Publication date: 04 Jul 2014Modification date: 04 Jul 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2012-5150 , CVE-2014-2097 , CVE-2014-2098 , CVE-2014-2099 , CVE-2014-2263 , CVE-2014-4610
Description
A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service (CVE-2012-5150). The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 1.1.9 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data (CVE-2014-2097). libavcodec/wmalosslessdec.c in FFmpeg before 1.1.9 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data (CVE-2014-2098). The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 1.1.9 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data (CVE-2014-2099). The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg before 1.1.9 allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write (CVE-2014-2263). An integer overflow in LZO decompression in FFmpeg before 1.1.12 allows remote attackers to have an unspecified impact by embedding compressed data in a video file (CVE-2014-4610). This updates provides ffmpeg version 1.1.12, which fixes these issues and several other bugs which were corrected upstream.
References
- https://bugs.mageia.org/show_bug.cgi?id=13595
- http://git.videolan.org/?p=ffmpeg.git;a=log;h=n1.1.12
- http://ffmpeg.org/olddownload.html
- http://ffmpeg.org/security.html
- http://openwall.com/lists/oss-security/2014/06/26/23
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5150
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610
SRPMS
3/core
- ffmpeg-1.1.12-1.mga3
3/tainted
- ffmpeg-1.1.12-1.mga3.tainted