On Fri, 2009-01-09 at 22:16 +, Ben Hutchings wrote:
> On Fri, 2009-01-09 at 22:40 +0100, Reinhard Tartler wrote:
> > Ben Hutchings writes:
> >
> > >> I'll upload it as soon as someone can confirm me that these packages
> > >> actually fix the problem.
> > >
> > > Based on inspection of the or
On Fri, 2009-01-09 at 22:40 +0100, Reinhard Tartler wrote:
> Ben Hutchings writes:
>
> >> I'll upload it as soon as someone can confirm me that these packages
> >> actually fix the problem.
> >
> > Based on inspection of the original code and patch for -4866 in this
> > test package, I am confide
Ben Hutchings writes:
>> I'll upload it as soon as someone can confirm me that these packages
>> actually fix the problem.
>
> Based on inspection of the original code and patch for -4866 in this
> test package, I am confident that this will be fixed.
hm. okay, then I'll upload that package.
>
On Thu, 2008-12-04 at 22:41 +0100, Reinhard Tartler wrote:
> Mark Purcell writes:
>
> > On Wednesday 12 November 2008 19:23:18 Reinhard Tartler wrote:
> >> Summary: the only issue this bug is about is actually CVE-2008-4869,
> >> where I have committed a patch, but would really need some help wit
Mark Purcell <[EMAIL PROTECTED]> writes:
> On Wednesday 12 November 2008 19:23:18 Reinhard Tartler wrote:
>> Summary: the only issue this bug is about is actually CVE-2008-4869,
>> where I have committed a patch, but would really need some help with
>> verifying the patch.
>
> Reinhard,
>
> This R
On Wednesday 12 November 2008 19:23:18 Reinhard Tartler wrote:
> Summary: the only issue this bug is about is actually CVE-2008-4869,
> where I have committed a patch, but would really need some help with
> verifying the patch.
Reinhard,
This RC bug has been sitting idle for the last couple of we
Reinhard Tartler wrote:
>
> >> CVE-2008-4869[0]:
> >> | FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers
> >> | to cause a denial of service (memory consumption) via unknown vectors,
> >> | aka a "Tcp/udp memory leak."
> >
> > you asked me later to ignore this. ok.
>
> I'm sor
Reinhard Tartler <[EMAIL PROTECTED]> writes:
>> CVE-2008-4869[0]:
>> | FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers
>> | to cause a denial of service (memory consumption) via unknown vectors,
>> | aka a "Tcp/udp memory leak."
>
> you asked me later to ignore this. ok.
I'm
Thank you for your work on security issues.
Please avoid munging that many seperate issues into the same bug.
Steffen Joeris <[EMAIL PROTECTED]> writes:
> Package: ffmpeg-debian
> Version: 0.svn20080206-14
> Severity: grave
> Tags: security, patch
> Justification: user security hole
>
> Hi,
> t
Hi
> CVE-2008-4868[1]:
> | Unspecified vulnerability in the avcodec_close function in
> | libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer,
> | has unknown impact and attack vectors, related to a free "on random
> | pointers."
Forget about this one, it seems to be fixed in our
Package: ffmpeg-debian
Version: 0.svn20080206-14
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for ffmpeg.
CVE-2008-4869[0]:
| FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attacke
11 matches
Mail list logo
