Hi,
I intent do NMU this bug.
The attached patch fixes this issue.
It will be also archived on:
http://people.debian.org/~nion/nmu-diff/mplayer-1.0~rc1-16_1.0~rc1-16.1.patch
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in
On Fri, Sep 21, 2007 at 07:58:01PM +0200, Nico Golde wrote:
> * Reimar Döffinger <[EMAIL PROTECTED]> [2007-09-21 19:41]:
> > On Fri, Sep 21, 2007 at 06:57:48PM +0200, Nico Golde wrote:
[...]
> > > http://svn.mplayerhq.hu/mplayer/trunk/libmpdemux/aviheader.c?r1=23985&r2=24447
> > > should fix this i
Hi,
* Reimar Döffinger <[EMAIL PROTECTED]> [2007-09-21 19:41]:
> On Fri, Sep 21, 2007 at 06:57:48PM +0200, Nico Golde wrote:
> [...]
> > However in glibc < 2.5 (etch) this leads to an heap overflow
> > because of a missing integer overflow check in glibc < 2.5.
>
> Did you test?
>
> > See http:/
Hello,
On Fri, Sep 21, 2007 at 06:57:48PM +0200, Nico Golde wrote:
[...]
> However in glibc < 2.5 (etch) this leads to an heap overflow
> because of a missing integer overflow check in glibc < 2.5.
Did you test?
> See http://cert.uni-stuttgart.de/advisories/calloc.php this
> was merged into gli
Package: mplayer
Version: 1.0~rc1-16
Severity: important
Tags: security
Hi,
a CVE has been issued against mplayer.
CVE-2007-4938[0]:
Heap-based buffer overflow in libmpdemux/aviheader.c in
MPlayer 1.0rc1 and earlier allows remote attackers to cause
a denial of service (application crash) or poss
5 matches
Mail list logo
