Hi, On Tue, Dec 06, 2005 at 10:41:08AM +0100, Moritz Muehlenhoff wrote: > Package: ffmpeg > Version: 0.cvs20050918-5 > Severity: grave > Tags: security > Justification: user security hole > > An exploitable heap overflow has been found in libavcodec's handling > of images with PIX_FMT_PAL8 pixel formats. Please see > http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 > for more information and a demo image. > > Upstream's fix can be found at > http://mplayerhq.hu/pipermail/ffmpeg-cvslog/2005-December/000979.html
I have an NMU ready to fix this. Please tell me soon if you'd like me not to upload it. It might be a better idea to make a new cvs snapshot, feel free to tell me if I can help. Cheers, Samuel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
