Linux Compatible
  • News
    • Channels
    • Archive
    • Search
    • Submit
  • Articles
    • Categories
  • Knowledgebase
  • Compatibility
    • Search
  • Links
  • Forums
  • Twitter
Advertisement

Latest News
[ Windows | Linux | Apple ]

· Core i7 8700K vs. Ryzen 7 2700X With Rise of The Tomb Raider On Linux and more
· OpenVPN Security Update (SSA:2018-116-01) for Slackware
· Red Hat Enterprise Linux 6.10 Beta released
· ZSH Security Update for openSUSE
· Ubuntu 18.04 LTS (Bionic Beaver) released
· Unbreakable Enterprise Kernel Security Update for Oracle Linux 6 and 7
· Drupal7 Security Update for Debian 7 LTS
· 4GHz CPU Battle: AMD 2nd-Gen Ryzen vs. Intel 8th-Gen Core and more
· BuildStream 1.1.3 released
· Windows 10 Insider Preview Build 17655 for Skip Ahead

Upcoming News
· Samsung 860 Pro SSD Review @ Vortez
· Raijintek Orcus 240 @ TechPowerUp
· Team Group Cardea Zero 240 GB @ TechPowerUp
· Guru3D Rig of the Month - January 2018
· Cooler Master MK750 Review @ Vortez
· Seagate Skyhawk 10TB SATA III HDD Review
· Vulkan Continues To Show Its Gaming Strength On Low-End Hardware
· Seagate IronWolf ST12000VN0007 12TB Hard Drive Review @ APH Networks
· Sennheiser Game One @ TechPowerUp
· be quiet! Straight Power 11 1000W Power Supply Review

Linux Compatibility
· Brother DCP-L2540DN
· Sound Blaster E5
· WD Elements 500GB external hard drive
· Canon D660U Flatbad scanner
· Umax Astra 4500 USB Scanner
· Logitech QuickCam Pro 4000
· Dell Latitude E6420
· Creative Sound Blaster Z
· Photosmart 5520
· TB-5300 Slimline Design Tablet

New Forum Topics
· Dale
by: Dale Blinco
on: 2018-02-05 00:26
1 replies, 1228 views

· modem driver needed
by: jongiffen777
on: 2017-12-13 11:11
1 replies, 2413 views

· Need a decent browser for XP Pro!
by: percy
on: 2017-12-05 11:02
2 replies, 4295 views

· Comodo Time Machine + Faronics Deep Freeze
by: Jabberwocky
on: 2017-11-15 23:17
1 replies, 2899 views

· Linux compatablity
by: ibme
on: 2017-10-04 18:05
1 replies, 4815 views

News Channels
· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android
· Oracle Linux
· Arch Linux

What's New
Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Linux Compatible » News » September 2006 » [Security Announce] [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities

[Security Announce] [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities

Posted by Bob on: 09/29/2006 02:15 AM [ Print | 0 comment(s) ]

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:173
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ffmpeg
Date : September 28, 2006
Affected: 2006.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple buffer overflows in libavcodec in ffmpeg before
0.4.9_p20060530 allow remote attackers to cause a denial of service or
possibly execute arbitrary code via multiple unspecified vectors in (1)
dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6)
tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11)
smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is
a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

Updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
70f951cfb00bd1a976ffd682f71c23ef 2006.0/i586/ffmpeg-0.4.9-0.pre1.5.2.20060mdk.i586.rpm
0de2a4efb5beb153e13a46ef160076b3 2006.0/i586/libffmpeg0-0.4.9-0.pre1.5.2.20060mdk.i586.rpm
80a876fead4c2f1fda335964b84407fd 2006.0/i586/libffmpeg0-devel-0.4.9-0.pre1.5.2.20060mdk.i586.rpm
8a22beb958201500862541f9cc18c399 2006.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
dc1aed466f6b4064765a1a333c7c4710 2006.0/x86_64/ffmpeg-0.4.9-0.pre1.5.2.20060mdk.x86_64.rpm
299a9fcfdce014cc13b906df6fe133f6 2006.0/x86_64/lib64ffmpeg0-0.4.9-0.pre1.5.2.20060mdk.x86_64.rpm
9b2483e5edb8cf196b0df877706c315f 2006.0/x86_64/lib64ffmpeg0-devel-0.4.9-0.pre1.5.2.20060mdk.x86_64.rpm
8a22beb958201500862541f9cc18c399 2006.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.2.20060mdk.src.rpm

Corporate 3.0:
ebebfa31e3817060e6f1862e7bb673a2 corporate/3.0/i586/ffmpeg-0.4.8-7.3.C30mdk.i586.rpm
51e303559d0d07ff86af703906065e19 corporate/3.0/i586/libffmpeg0-0.4.8-7.3.C30mdk.i586.rpm
6375f7c63d7c53d18d5ea16c8d96e9c1 corporate/3.0/i586/libffmpeg0-devel-0.4.8-7.3.C30mdk.i586.rpm
b089b6a12c6390aed83c5dd412e35da7 corporate/3.0/SRPMS/ffmpeg-0.4.8-7.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
85c5aa0a8021680bfa987a652f94cde5 corporate/3.0/x86_64/ffmpeg-0.4.8-7.3.C30mdk.x86_64.rpm
e26a80cc7d31cdcccda6e4d69eb13722 corporate/3.0/x86_64/lib64ffmpeg0-0.4.8-7.3.C30mdk.x86_64.rpm
35194873a8a53e71950d5c042245b03a corporate/3.0/x86_64/lib64ffmpeg0-devel-0.4.8-7.3.C30mdk.x86_64.rpm
b089b6a12c6390aed83c5dd412e35da7 corporate/3.0/SRPMS/ffmpeg-0.4.8-7.3.C30mdk.src.rpm

Corporate 4.0:
064b1663a622879bf77f6f565b83cb96 corporate/4.0/i586/libffmpeg0-0.4.9-0.pre1.5.2.20060mlcs4.i586.rpm
c558365bbaf260429be0a6f51a5f3875 corporate/4.0/i586/libffmpeg0-devel-0.4.9-0.pre1.5.2.20060mlcs4.i586.rpm
91d0e04a3df240ecd67c74b64a48bb62 corporate/4.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
5563813e75db69e560e32729f872a2a8 corporate/4.0/x86_64/lib64ffmpeg0-0.4.9-0.pre1.5.2.20060mlcs4.x86_64.rpm
7f5c2f384e711027ad1e9fd76f4abe3f corporate/4.0/x86_64/lib64ffmpeg0-devel-0.4.9-0.pre1.5.2.20060mlcs4.x86_64.rpm
91d0e04a3df240ecd67c74b64a48bb62 corporate/4.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.2.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFHDkFmqjQ0CJFipgRAqM1AKC4uTKc3eu/7jJ+J0jpAHI2rPf0dACg9mkv
YsCd0RplOBS5ZhbV/ZQM6yo=
=/I1x
-----END PGP SIGNATURE-----


Bookmark and Share

« [Security Announce] [ MDKSA-2006:174 ] - Update gstreamer-ffmpeg packages fix buffer overflow vulnerabilities · Visual Studio Code Name Orcas September 2006 CTP »

Linux Compatible » News » September 2006 » [Security Announce] [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities
All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2018 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition