Re: CVE-2014-4610: Integer Overflow in FFmpeg LZO implementation

2014-07-14 Moritz Mühlenhoff
On Thu, Jul 10, 2014 at 12:10:50AM +0200, Andreas Cadhalpun wrote: > > As this seems to be a rather important security bug, I think a backport > would be useful in this case. Raphael wanted to update ffmpeg in squeeze. I'm adding him to CC, so that he can fold in the patch. > I'm afraid I don't

Re: CVE-2014-4610: Integer Overflow in FFmpeg LZO implementation

2014-07-09 Andreas Cadhalpun
Hi, On 01.07.2014 16:27, Moritz Muehlenhoff wrote: > On Tue, Jul 01, 2014 at 10:01:35AM +1000, Matt Palmer wrote: > > On Fri, Jun 27, 2014 at 07:30:11PM +0200, Andreas Cadhalpun wrote: > > > I'd like to inform you that ffmpeg 0.5.10-1 in squeeze is > > > vulnerable to CVE-2014-4610 [1]. > > > The

Re: CVE-2014-4610: Integer Overflow in FFmpeg LZO implementation

2014-07-01 Moritz Muehlenhoff
On Tue, Jul 01, 2014 at 10:01:35AM +1000, Matt Palmer wrote: > Hi, > > On Fri, Jun 27, 2014 at 07:30:11PM +0200, Andreas Cadhalpun wrote: > > I'd like to inform you that ffmpeg 0.5.10-1 in squeeze is vulnerable > > to CVE-2014-4610 [1]. > > The fix [2] should be easily backportable. > > Thanks fo

Re: CVE-2014-4610: Integer Overflow in FFmpeg LZO implementation

2014-06-30 Matt Palmer
Hi, On Fri, Jun 27, 2014 at 07:30:11PM +0200, Andreas Cadhalpun wrote: > I'd like to inform you that ffmpeg 0.5.10-1 in squeeze is vulnerable > to CVE-2014-4610 [1]. > The fix [2] should be easily backportable. Thanks for taking the time to send this info through. This bug has been marked as "wo

CVE-2014-4610: Integer Overflow in FFmpeg LZO implementation

2014-06-27 Andreas Cadhalpun
Hi, I'd like to inform you that ffmpeg 0.5.10-1 in squeeze is vulnerable to CVE-2014-4610 [1]. The fix [2] should be easily backportable. Best regards, Andreas 1: http://seclists.org/oss-sec/2014/q2/668 2: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f5